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An algebraic number field is a finite extension of Q; an algebraic number is an element 
of an algebraic number field. Algebraic number theory studies the arithmetic of algebraic 
number fields — the ring of integers in the number field, the ideals and units in the ring of 
integers, the extent to which unique factorization holds, and so on. 

An abelian extension of a field is a Galois extension of the field with abelian Galois 
group. Class field theory describes the abelian extensions of a number field in terms of the 
arithmetic of the field. 

These notes are concerned with algebraic number theory, and the sequel with class field 
theory. 
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Notations. 



We use the standard (Bourbaki) notations: N = {0, 1, 2, . . .}; Z = ring of integers; R = field 
of real numbers; C = field of complex numbers; ¥ p = Z/ pZ = field with p elements, p a 
prime number. 

For integers m and n, m\n means that m divides n, i.e., n e mZ. Throughout the notes, 
p is a prime number, i.e., p = 2, 3, 5 

Given an equivalence relation, [*] denotes the equivalence class containing *. The 
empty set is denoted by 0. The cardinality of a set S is denoted by |5| (so |5| is the number 
of elements in 5* when 5* is finite). Let / and A be sets; a family of elements of A indexed 
by /, denoted is a function i i-> a,-: / -> A 

Xc7 X is a subset of F (not necessarily proper); 

def 

X = Y X is defined to be F, or equals Y by definition; 
X ss F X is isomorphic to F ; 

X ~ F X and F are canonically isomorphic (or there is a given or unique isomorphism); 

denotes an injective map; 
-» denotes a surjective map. 

monnnnn question nnnnn in mathoverflow.net 

It is standard to use Gothic (fraktur) letters for ideals: 

abcmnpqABCMNPQ 

Prerequisites 

The algebra usually covered in a first-year graduate course, for example, Galois theory, 
group theory, and multilinear algebra. An undergraduate number theory course will also be 
helpful. 
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Dramatis Persons 



Fermat (1601-1665). Stated his last "theorem", and proved it for m = 4. He also posed 
the problem of finding integer solutions to the equation, 

X 2 -AY 2 = l, AeZ, (1) 

which is essentially the problem 1 of finding the units in Z[vZ]. The English mathemati- 
cians found an algorithm for solving the problem, but neglected to prove that the algorithm 
always works. 

Euler (1707-1783). He introduced analysis into the study of the prime numbers, and he 
discovered an early version of the quadratic reciprocity law. 

Lagrange (1736-1813). He found the complete form of the quadratic reciprocity law: 
M M = (_ 1) (P-D(?-l)/4 j p q odd p r i m e S , 

and he proved that the algorithm for solving (1) always leads to a solution, 

LEGENDRE (1752-1833). He introduced the "Legendre symbol" (j\ and gave an incom- 
plete proof of the quadratic reciprocity law. He proved the following local-global principle 
for quadratic forms in three variables over Q: a quadratic form Q(X, Y,Z) has a nontrivial 
zero in Q if and only if it has one in R and the congruence Q = mod p" has a nontrivial 
solution for all p and n. 

GAUSS (1777-1855). He found the first complete proofs of the quadratic reciprocity law. 
He studied the Gaussian integers Z[z] in order to find a quartic reciprocity law. He studied 
the classification of binary quadratic forms over Z, which is closely related to the problem 
of finding the class numbers of quadratic fields. 

DlRlCHLET (1805-1859). He introduced L-series, and used them to prove an analytic for- 
mula for the class number and a density theorem for the primes in an arithmetic progression. 
He proved the following "unit theorem": let a be a root of a monic irreducible polynomial 
f(X) with integer coefficients; suppose that f(X) has r real roots and 2s complex roots; 
then Z[a] x is a finitely generated group of rank r + s — 1. 

Kummer (1810-1893). He made a deep study of the arithmetic of cyclotomic fields, mo- 
tivated by a search for higher reciprocity laws, and showed that unique factorization could 
be recovered by the introduction of "ideal numbers". He proved that Fermat's last theorem 
holds for regular primes. 

Hermite (1822-1901). He made important contributions to quadratic forms, and he showed 
that the roots of a polynomial of degree 5 can be expressed in terms of elliptic functions. 

ElSENSTElN (1823-1852). He published the first complete proofs for the cubic and quartic 
reciprocity laws. 

KRONECKER (1823-1891). He developed an alternative to Dedekind's ideals. He also had 
one of the most beautiful ideas in mathematics for generating abelian extensions of number 
fields (the Kronecker liebster Jugendtraum). 

RlEMANN (1826-1866). Studied the Riemann zeta function, and made the Riemann hy- 
pothesis. 

'The Indian mathematician Bhaskara (12th century) knew general rules for finding solutions to the equa- 
tion. 



Dedekind (1831-1916). He laid the modern foundations of algebraic number theory by 
finding the correct definition of the ring of integers in a number field, by proving that ideals 
factor uniquely into products of prime ideals in such rings, and by showing that, modulo 
principal ideals, they fall into finitely many classes. Defined the zeta function of a number 
field. 

Weber (1842-1913). Made important progress in class field theory and the Kronecker 
Jugendtraum. 

Hensel (1861-1941). He gave the first definition of the field of p-adic numbers (as the set 
of infinite sums J2T=- 

€{0,l,...,p-l}). 

HlLBERT (1862-1943). He wrote a very influential book on algebraic number theory in 
1897, which gave the first systematic account of the theory. Some of his famous problems 
were on number theory, and have also been influential. 

TAKAGI (1875-1960). He proved the fundamental theorems of abelian class field theory, 
as conjectured by Weber and Hilbert. 

NOETHER (1882-1935). Together with Artin, she laid the foundations of modern algebra 
in which axioms and conceptual arguments are emphasized, and she contributed to the 
classification of central simple algebras over number fields. 

Hecke (1887-1947). Introduced Hecke L-series generalizing both Dirichlet's L-series and 
Dedekind's zeta functions. 

Artin (1898-1962). He found the "Artin reciprocity law", which is the main theorem of 
class field theory (improvement of Takagi's results). Introduced the Artin L-series. 

HASSE (1898-1979). He gave the first proof of local class field theory, proved the Hasse 
(local-global) principle for all quadratic forms over number fields, and contributed to the 
classification of central simple algebras over number fields. 

Brauer (1901-1977). Defined the Brauer group, and contributed to the classification of 
central simple algebras over number fields. 

Weil (1906-1998). Defined the Weil group, which enabled him to give a common gener- 
alization of Artin L-series and Hecke L-series. 

Chevalley (1909-84). The main statements of class field theory are purely algebraic, 
but all the earlier proofs used analysis; Chevalley gave a purely algebraic proof. With his 
introduction of ideles he was able to give a natural formulation of class field theory for 
infinite abelian extensions. 

IWASAWA (1917-1998). He introduced an important new approach into algebraic number 
theory which was suggested by the theory of curves over finite fields. 

TATE (1925- ). He proved new results in group cohomology, which allowed him to give 
an elegant reformulation of class field theory. With Lubin he found an explicit way of 
generating abelian extensions of local fields. 

LANGLANDS (1936- ). The Langlands program is a vast series of conjectures that, among 
other things, contains a nonabelian class field theory. 



8 



Introduction 



It is greatly to be lamented that this virtue of 
the [rational integers], to be decomposable into 
prime factors, always the same ones for a given 
number, does not also belong to the [integers of 
cyclotomic fields [. 

Kummer 1 844 (as translated by Andre Weil) 

The fundamental theorem of arithmetic says that every nonzero integer m can be writ- 
ten in the form, 

m = ±p\ ■ ■ ■ p n , pi a prime number, 

and that this factorization is essentially unique. 

Consider more generally an integral domain A. An element a e A is said to be a unit if 
it has an inverse in A (element b such that ab = \ = ba). I write A x for the multiplicative 
group of units in A. An element n of A is said to prime if it is neither zero nor a unit, and if 

n\ab ==>• n\a or n\b. 

If A is a principal ideal domain, then every nonzero element a of A can be written in the 
form, 

a = un\---n n , u a unit, jtj a prime element, 

and this factorization is unique up to order and replacing each jii with an associate, i.e., 
with its product with a unit. 

Our first task will be to discover to what extent unique factorization holds, or fails to 
hold, in number fields. Three problems present themselves. First, factorization in a field 
only makes sense with respect to a subring, and so we must define the "ring of integers" 
Ok in our number field K. Secondly, since unique factorization will fail in general, we 
shall need to find a way of measuring by how much it fails. Finally, since factorization is 
only considered up to units, in order to fully understand the arithmetic of K, we need to 
understand the structure of the group of units Uk in Ok- 

The ring of integers 

Let K be an algebraic number field. Each element a of K satisfies an equation 

a" +a\tt n ~ l H Va = 

with coefficients a i , . . . , a n in Q, and a is an algebraic integer if it satisfies such an equation 
with coefficients a \ , . . . , a n in Z. We shall see that the algebraic integers form a subring Ok 
of K. 

The criterion as stated is difficult to apply. We shall show (2.1 1) that a is an algebraic 
integer if and only if its minimum polynomial over Q has coefficients in Z. 

Consider for example the field K = Q[vd], where d is a square-free integer. The 
minimum polynomial of a = a + b\fd, b ^ 0, a, b € Q, is 

(X-(a + bVd))(X-(a-bVd)) = X 2 -2aX + (a 2 -b 2 d), 

and so a is an algebraic integer if and only if 

2a € Z, a 2 -b 2 dsZ. 
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From this it follows easily that, when d = 2, 3 mod 4, a is an algebraic integer if and only 
if a and b are integers, i.e., 



K = Z[Vd] = \a + b-fd \a,bez\. 



and, when d = 1 mod 4, a is an algebraic integer if and only if a and b are either both 
integers or both half-integers, i.e., 



K = n 1± ^ l ] = {a + b^fi 



a,beZ 



For example, the minimum polynomial of 1 /2 + V5/ 2 is X 2 — X — 1 , and so 1/2 + *J~5/ 2 
is an algebraic integer in Q[V5]- 

Let ^ be a primitive dth root of 1, for example, ^ = exp(2;n'/<i), and let K = Q[fo]. 
Then we shall see (6.2) that 



as one would hope. 



Factorization 

A nonzero element tt of an integral domain A is said to be irreducible if it is not a unit, and 
can't be written as a product of two nonunits. For example, a prime element is (obviously) 
irreducible. A ring A is a unique factorization domain if every nonzero element of A can 
be expressed as a product of irreducible elements in essentially one way. Is the ring of 
integers Ok a unique factorization domain? No, not in general! 

We shall see that each element of Ok can be written as a product of irreducible elements 
(this is true for all Noetherian rings), and so it is the uniqueness that fails. 

For example, in Z[\/^5] we have 

6 = 2-3 = (1 + V = 5)(l-V = 5). 

To see that 2, 3, 1 + y— 5, 1 — y— 5 are irreducible, and no two are associates, we use the 
norm map 

NmiQtv^^Q, a + bv^5M*a 2 + 5b 2 . 
This is multiplicative, and it is easy to see that, for a e Ok, 

Nm(a) = 1 <^=> ads = 1 <^=> a is a unit. (*) 

If 1 + = afi, thenNm(a/3) = Nm(l + v^5) = 6. Thus Nm(a) = 1,2,3, or 6. In the 
first case, a is a unit, the second and third cases don't occur, and in the fourth case /3 is a 
unit. A similar argument shows that 2, 3, and 1 — are irreducible. Next note that (*) 
implies that associates have the same norm, and so it remains to show that 1 + V— 5 and 
1 — are not associates, but 

1 + V^5 = (a + b V / ^5)(l - V^5) 

has no solution with a, b 6 Z. 

Why does unique factorization fail in 0^? The problem is that irreducible elements in 
Ok need not be prime. In the above example, 1 + divides 2 • 3 but it divides neither 2 
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nor 3. In fact, in an integral domain in which factorizations exist (e.g. a Noetherian ring), 
factorization is unique if all irreducible elements are prime. 
What can we recover? Consider 

210 = 6-35= 10-21. 

If we were naive, we might say this shows factorization is not unique in Z; instead, we 
recognize that there is a unique factorization underlying these two decompositions, namely, 

210 = (2-3)(5-7) = (2-5)(3-7). 

The idea of Kummer and Dedekind was to enlarge the set of "prime numbers" so that, for 
example, in Z[V^5] there is a unique factorization, 

6 = (Pi-p 2 )(p3-p4) = (Pi-p 3 )(p2-p4), 

underlying the above factorization; here the p, are "ideal prime factors". 

How do we define "ideal factors"? Clearly, an ideal factor should be characterized 
by the algebraic integers it divides. Moreover divisibility by a should have the following 
properties: 

o|0; a\a,a\b =$> a\a±b; a\a => a\ab for all b e Ok- 
If in addition division by a has the property that 

a\ab => a\a or a\b, 

then we call o a "prime ideal factor". Since all we know about an ideal factor is the set of 
elements it divides, we may as well identify it with this set. Thus an ideal factor o is a set 
of elements of Ok such that 

Oect; a,b e a±b e a; a e a => ab e a for all b e Ok', 

it is prime if an addition, 

ab € a => a e a or b e a. 

Many of you will recognize that an ideal factor is what we now call an ideal, and a prime 
ideal factor is a prime ideal. 

There is an obvious notion of the product of two ideals: 

ab|c •<=> c = y^ajbi, a\ai, b\bi. 

In other words, 

ab = {y^ajbj \ a t e a, b t e bj . 
One sees easily that this is again an ideal, and that if 

o = (ai,...,a m ) and b = (bi,...,b„) 

then 

o-b = (a\b\,...,aibj,...,a m bn). 

With these definitions, one recovers unique factorization: if a ^ 0, then there is an 
essentially unique factorization: 

(a) = pi • • • p n with each p,- a prime ideal. 
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In the above example, 



In fact, I claim 



(6) = (2,1 + V-5)(2, 1 - V-5)(3, 1 + V-5)(3, 1 - V-5). 

(2,1 + V=5)(2,1-V=5) = (2) 
(3, 1 + V=5)(3, 1 - V=5) = (3) 
(2, 1 + V = 5)(3, 1 + V=5) = (1 + 7^5) 
(2, 1 - V=5)(3, 1 - V=5) = (1 - V=5). 



For example, (2, 1 + V^5)(2, 1 — a 
erator is divisible by 2, we see that 



-5) = (4, 2 + 2 V^5, 2 - 2 V^5, 6). Since every gen- 



(2,1 + V-5)(2,l 



-5) C (2). 



Conversely, 



2 = 6-4 e (4,2 + 27^5,2-27^5,6) 



and so (2, 1 + V— 5) (2, 1 — V— 5) = (2), as claimed. I further claim that the four ideals 
(2, 1 + V— 5), (2, 1 — V— 5), (3, 1 + V— 5), and (3, 1 — V— 5) are all prime. For example, 
the obvious map Z -> Z[\/— 5]/ (3, 1 — V^5) is surjective with kernel (3), and so 

Z[V=5]/(3,l-V = 5)~Z/(3), 

which is an integral domain. 

How far is this from what we want, namely, unique factorization of elements? In other 
words, how many "ideal" elements have we had to add to our "real" elements to get unique 
factorization. In a certain sense, only a finite number: we shall see that there exists a finite 
set S of ideals such that every ideal is of the form o • (a) for some ae S and some a e Ok- 
Better, we shall construct a group / of "fractional" ideals in which the principal fractional 
ideals (a), a e K x , form a subgroup P of finite index. The index is called the class number 
hx of K. We shall see that 



hx = 1 <^=> Ok is a principal ideal domain 

Ok is a unique factorization domain. 



Units 

Unlike Z, Ok can have infinitely many units. For example, (1 + y2) is a unit of infinite 
order in Z[V2] : 

(1 + V2)(-1 + V5) = 1; (l + V2) m ^lifm^0. 

In fact Z[V2] X = {±(1 + V2) m \meZ}, and so 

Z[V2] X ss {±1} x {free abelian group of rank 1}. 

In general, we shall show (unit theorem) that the roots of 1 in K form a finite group fi(K), 
and that 

O k ii(K) x Z r (as an abelian group); 
moreover, we shall find r. 
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Applications 



One motivation for the development of algebraic number theory was the attempt to prove 
Fermat's last "theorem", i.e., when m > 3, there are no integer solutions (x,y,z) to the 
equation 

X m -\- Y m Z m 

with all of x, y, z nonzero. 

When m = 3, this can be proved by the method of "infinite descent", i.e., from one so- 
lution, you show that you can construct a smaller solution, which leads to a contradiction 2 . 
The proof makes use of the factorization 

Y 3 = Z 3 - X 3 = (Z - X)(Z 2 + XZ + X 2 ), 

and it was recognized that a stumbling block to proving the theorem for larger m is that no 
such factorization exists into polynomials with integer coefficients of degree < 2. This led 
people to look at more general factorizations. 

In a famous incident, the French mathematician Lame gave a talk at the Paris Academy 
in 1847 in which he claimed to prove Fermat's last theorem using the following ideas. Let 
p > 2 be a prime, and suppose x, y, z are nonzero integers such that 

x p + y p = z p . 

Write 

x p = z p - y P = Y\(z-^y), 0<i<p-l, t,=e 2llilp . 

He then showed how to obtain a smaller solution to the equation, and hence a contradiction. 
Liouville immediately questioned a step in Lame's proof in which he assumed that, in order 
to show that each factor (z — y) is a pth power, it suffices to show that the factors are 
relatively prime in pairs and their product is a pth power. In fact, Lame couldn't justify his 
step (Z[£] is not always a principal ideal domain), and Fermat's last theorem was not proved 
for almost 150 years. However, shortly after Lame's embarrassing lecture, Kummer used 
his results on the arithmetic of the fields Q[£] to prove Fermat's last theorem for all regular 
primes, i.e., for all primes p such that p does not divide the class number of Q[£p]. 

Another application is to finding Galois groups. The splitting field of a polynomial 
f(X) e Q[X] is a Galois extension of Q. In a basic Galois theory course, we learn how to 
compute the Galois group only when the degree is very small. By using algebraic number 
theory one can write down an algorithm to do it for any degree. 

For applications of algebraic number theory to elliptic curves, see, for example, Milne 
2006. 

Some comments on the literature 

Computational number theory 

Cohen 1993 and Pohst and Zassenhaus 1989 provide algorithms for most of the construc- 
tions we make in this course. The first assumes the reader knows number theory, whereas 
the second develops the whole subject algorithmically. Cohen's book is the more useful as 
a supplement to this course, but wasn't available when these notes were first written. While 
the books are concerned with more-or-less practical algorithms for fields of small degree 
and small discriminant, Lenstra (1992) concentrates on finding "good" general algorithms. 

2 The simplest proof by infinite descent is that showing that V2 is irrational. 
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History of algebraic number theory 

Dedekind 1996, with its introduction by Stillwell, gives an excellent idea of how algebraic 
number theory developed. Edwards 1977 is a history of algebraic number theory, con- 
centrating on the efforts to prove Fermat's last theorem. The notes in Narkiewicz 1990 
document the origins of most significant results in algebraic number theory. Lemmermeyer 
2009, which explains the origins of "ideal numbers", and other writings by the same author, 
e.g., Lemmermeyer 2000, 2007. 

Exercises 

0-1 Let d be a square-free integer. Complete the verification that the ring of integers in 
Q[VJ] is as described. 





5)(2,1- 




5) 



is a factorization of (6) into a product of prime ideals. 
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Chapter 



Preliminaries from Commutative 

Algebra 

Many results that were first proved for rings of integers in number fields are true for more 
general commutative rings, and it is more natural to prove them in that context. 1 

Basic definitions 

All rings will be commutative, and have an identity element (i.e., an element 1 such that 
\a = a for all a e A), and a homomorphism of rings will map the identity element to the 
identity element. 

A ring B together with a homomorphism of rings A -> B will be referred to as an 
A-algebra. We use this terminology mainly when A is a subring of B. In this case, for 
elements $\, of B, A[/3\, ...,f3 m ] denotes the smallest subring of B containing A and 

the Pi. It consists of all polynomials in the with coefficients in A, i.e., elements of the 
form 

We also refer to A[fii, ...,(3 m ] as the ^4-subalgebra of B generated by the /?,-, and when 
B = A[f5i, ...,fi m ] we say that the /3; generate B as an ^4-algebra. 

For elements a\,ai,... of A, we let (a\,a2,...) denote the smallest ideal containing 
the fl, . It consists of finite sums ^c, a,-, c,- e A, and it is called the ideal generated by 
a\,ai,.... When a and b are ideals in A, we define 

a+b = {a + b\ aea, beb}. 

It is again an ideal in A — in fact, it is the smallest ideal containing both a and b. If 
a = (ai,...,a m ) and b = (b\,...,b„), then a+ b = (ai, ...,a m ,b\, ...,b„). 

Given an ideal a in A, we can form the quotient ring A /a. Let f:A A/ a be the 
homomorphism a a + a; then b m>- f^ 1 (b) defines a one-to-one correspondence between 
the ideals of A/ a and the ideals of A containing a, and 

A/f- l {b)^{A/a)/b. 

'See also the notes A Primer of Commutative Algebra available on my website. 
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1 . Preliminaries from Commutative Algebra 



A proper ideal a of A is prime if ab e a =>• a or ft e o. An ideal o is prime if and only if 
the quotient ring Aj a is an integral domain. A nonzero element n of A is said to be prime 
if (n) is a prime ideal; equivalently, if n\ab =>■ 7r|a or n\b. 

An ideal m in A is maximal if it is maximal among the proper ideals of A, i.e., if m ^ ^4 
and there does not exist an ideal o ^ A containing m but distinct from it. An ideal a is 
maximal if and only if A/ a is a field. Every proper ideal o of A is contained in a maximal 
ideal — if A is Noetherian (see below) this is obvious; otherwise the proof requires Zorn's 
lemma. In particular, every nonunit in A is contained in a maximal ideal. 

There are the implications: A is a Euclidean domain =>■ A is a principal ideal domain 
=>• A is a unique factorization domain (see any good graduate algebra course). 

Ideals in products of rings 

Proposition 1.1 Consider a product of rings Ax B. If a and b are ideals in A and B 
respectively, then a x b is an ideal in Ax B, and every ideal in Ax B is of this form. The 
prime ideals of Ax B are the ideals of the form 

p x B (pa prime ideal of A), Axp (pa prime ideal of B ). 
PROOF. Let c be an ideal in Ax B, and let 

a = {a e A\(a,0) ec}, b = {b e B \ (0,b) e c}. 

Clearly ox b C c. Conversely, let (a, b) € c. Then (a,0) = (a,b) ■ (1,0) € c and (0,b) = 
(a,b) • (0, 1) e c, and so (a, b) e ax b. 

Recall that an ideal c C C is prime if and only if C/c is an integral domain. The map 

AxB A/axB/b, (a,b) h> (a + a,b + b) 

has kernel a x b, and hence induces an isomorphism 

(AxB)/(axb) ~ A/axB/b. 

Now use that a product of rings is an integral domain if and only if one ring is zero and the 
other is an integral domain. □ 

Remark 1.2 The lemma extends in an obvious way to a finite product of rings: the ideals 
in A\ x ■ ■ ■ x A m are of the form oi x • • • x a m with o, an ideal in At ; moreover, oi x • • • x a m 
is prime if and only if there is a j such that oy is a prime ideal in Aj and a,- = Aj for i ^ j. 

Noetherian rings 

A ring A is Noetherian if every ideal in A is finitely generated. 
Proposition 1.3 The following conditions on a ring A are equivalent: 

(a) A is Noetherian. 

(b) Every ascending chain of ideals 

ai C o 2 C • • • C a„ C • • • 
eventually becomes constant, i.e., for some n, a n = a n +i = ■■■ . 



Noetherian modules 



17 



(c) Every nonempty set S of ideals in A has a maximal element, i.e., there exists an ideal 
in S not properly contained in any other ideal in S. 

PROOF. (a)=Kb): Let a = U a ^ it i s an ideal, and hence is finitely generated, say a = 
(fli , . . . ,a r ). For some n, a n will contain all the a,, and so a„ = o„+i = • • • = o. 

(b) =>-(c): Let Oi € S. If ai is not a maximal element of S, then there exists an a 2 € S such 
that 01 ^ d2- If CI2 is not maximal, then there exists an CI3 etc.. From (b) we know that this 
process will lead to a maximal element after only finitely many steps. 

(c) =Ka): Let a be an ideal in A, and let S be the set of finitely generated ideals contained 
in a. Then S is nonempty because it contains the zero ideal, and so it contains a maximal 
element, say, a' = (a\,...,a r ). If a' ^ a, then there exists an element a € o\ a', and 
(ai,...,a r ,a) will be a finitely generated ideal in a properly containing a'. This contradicts 
the definition of a'. □ 

A famous theorem of Hilbert states that k[X\, ...,X n ] is Noetherian. In practice, al- 
most all the rings that arise naturally in algebraic number theory or algebraic geometry 
are Noetherian, but not all rings are Noetherian. For example, the ring k [X\ ,...,X n ,...] 
of polynomials in an infinite sequence of symbols is not Noetherian because the chain of 
ideals 

(X 1 )C(X 1 ,X 2 )C(X 1 ,X 2 ,X 3 )C- 

never becomes constant. 

PROPOSITION 1 .4 Every nonzero nonunit element of a Noetherian integral domain can be 
written as a product of irreducible elements. 

PROOF. We shall need to use that, for elements a and b of an integral domain A, 

(a) C (b) •<=>■ b\a, with equality if and only if b = ax unit. 

The first assertion is obvious. For the second, note that if a = be and b = ad then a = 
be = adc, and so dc = 1. Hence both c and d are units. 

Suppose the statement of the proposition is false for a Noetherian integral domain A. 
Then there exists an element a e A which contradicts the statement and is such that (a) is 
maximal among the ideals generated by such elements (here we use that A is Noetherian). 
Since a can not be written as a product of irreducible elements, it is not itself irreducible, 
and so a = be with b and c nonunits. Clearly (b) Z> (a), and the ideals can't be equal for 
otherwise c would be a unit. From the maximality of (a), we deduce that b can be written 
as a product of irreducible elements, and similarly for c. Thus a is a product of irreducible 
elements, and we have a contradiction. □ 

Remark 1.5 Note that the proposition fails for the ring O of all algebraic integers in the 
algebraic closure of Q in C, because, for example, we can keep in extracting square roots 
— an algebraic integer a can not be an irreducible element of O because ^Ja will also be 
an algebraic integer and a = ^/a ■ *Ja. Thus O is not Noetherian. 

Noetherian modules 

Let A be a ring. An ^-module M is said to be Noetherian if every submodule is finitely 
generated. 
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Proposition 1.6 The following conditions on an A-module M are equivalent: 

(a) M is Noetherian; 

(b) every ascending chain of submodules eventually becomes constant; 

(c) every nonempty set of submodules in M has a maximal element. 

PROOF. Similar to the proof of Proposition 1.3. □ 

Proposition 1.7 Let M be an A-module, and let N be a submodule of M . If N and 
M/N are both Noetherian, then so also is M . 

PROOF. I claim that if M' C M" are submodules of M such that M' n N = M" n N and 
M' and M" have the same image in M/N , then M' = M" . To see this, let x e M"; the 
second condition implies that there exists aje M' with the same image as x in M/N , i.e., 
such that x-y e N. Then x - y e M" n N C M' , and so x e A/ 7 . 

Now consider an ascending chain of submodules of M. If M/N is Noetherian, the 
image of the chain in M/ N becomes constant, and if N is Noetherian, the intersection of 
the chain with N becomes constant. Now the claim shows that the chain itself becomes 
constant. □ 

Proposition 1.8 Let Abe a Noetherian ring. Then every finitely generated A-module is 
Noetherian. 

PROOF. If M is generated by a single element, then M r» A/ a for some ideal a in A, and 
the statement is obvious. We argue by induction on the minimum number n of generators 
of M. Since M contains a submodule N generated by n — 1 elements such that the quotient 
M/N is generated by a single element, the statement follows from (1.7). □ 

Local rings 

A ring A is said to local if it has exactly one maximal ideal m. In this case, A x = A \ m 
(complement of m in A). 

Lemma 1.9 (Nakayama's lemma) Let A be a local Noetherian ring, and let a be a 
proper ideal in A. Let M be a finitely generated A-module, and define 

aM — {J2^i m i I A; e <*, m i e M}. 

(a) IfaM = M,thenM = 0. 

(b) If N is a submodule of M such that N + aM — M, then N = M. 

PROOF, (a) Suppose that aM = M but M/0. Choose a minimal set of generators 
{e\,,..,e n } for M , n>\, and write 

e\ = a\e\ H Va„e„, a t e a. 

Then 

(l-ai)ei =a 2 e 2 -\ Va n e n . 

As 1 — a\ is not in m, it is a unit, and so {e 2 , •■-,£«} generates M, which contradicts our 
choice of {e\, . . .,e n }. 
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(b) It suffices to show that a(M/N) = M/N for then (a) shows that M/N = 0. Con- 
sider m + N , m e M . From the assumption, we can write 

m = n + ^2,aimi, with m e o, m; e M. 

Then 

m + N = J2 {ainii + N) = (mi + N) 
and so m + N e a(M/N). □ 

The hypothesis that M be finitely generated in the lemma is essential. For example, if 
A is a local integral domain with maximal ideal m ^ 0, then mM = M for every field M 
containing A but M^O. 

Rings of fractions 

Let ^4 be an integral domain; there is a field K D A, called the field of fractions of A, with 
the property that every c e K can be written in the form c = ab~ l with a, b e A and b ^ 0. 
For example, Q is the field of fractions of Z, and k(X) is the field of fractions of k[X], 

Let /I be an integral domain with field of fractions K. A subset 5* of A is said to be 
multiplicative if ^ S, 1 € S, and S is closed under multiplication. If S is a multiplicative 
subset, then we define 

S~ l A = {a/beK\beS}. 

It is obviously a subring of K. 

Example 1.10 (a) Let t be a nonzero element of A; then 

S t = {l,t,t 2 ,...} 

is a multiplicative subset of A, and we (sometimes) write A t for S^ -1 A For example, if d 
is a nonzero integer, then 2 Z^ consists of those elements of Q whose denominator divides 
some power of d : 

Z d = {a/d n eQ | a e Z, n > 0}. 

(b) If p is a prime ideal, then S p = A \ p is a multiplicative set (if neither a nor b belongs 
to p, then ab does not belong to p). We write A 9 for S~ l A. For example, 

Z( p ) = e Q | n is not divisible by p}. 

Proposition 1.11 Consider an integral domain A and a multiplicative subset S of A. For 
an ideal a of A, write a e for the ideal it generates in S~ l A; for an ideal a of 5' _1 ^4, write 
o c for an A. Then: 

a ce = a for all ideals a of S 1-1 A 

a ec = a if a is a prime ideal of A disjoint from S. 



2 This notation conflicts with a later notation in which Z p denotes the ring of p-adic integers. 
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PROOF. Let o be an ideal in S~ l A. Clearly (a H A) e c a because ad A C a and o is an 
ideal in S~ X A. For the reverse inclusion, let b e a. We can write it b = a/s with a e A, 
s e S. Then a = s ■ (a/s) e afl A, and so a/s = (s ■ (a/s))/s e (af\A) e . 

Let p be a prime ideal disjoint from S. Clearly (S _1 p) D A D p. For the reverse inclu- 
sion, let a/s € (S p) fl A, a e p, s e S. Consider the equation | • s = a € p. Both a/s 
and 5 are in A, and so at least one of a/5 or 5 is in p (because it is prime); but s p (by 
assumption), and so a/j € p. □ 

Proposition 1.12 Let A be an integral domain, and let S be a multiplicative subset of 
A. The map p i->- p e = p • S~ X A is a bijection from the set of prime ideals in A such that 
p n S = to the set of prime ideals in S~ l A; the inverse map is p i-> p fl A. 

Proof. It is easy to see that 

p a prime ideal disjoint from S =>■ p e is a prime ideal in S _1 A, 

p a prime ideal in5 _1 ^4=^pn^4isa prime ideal in A disjoint from S, 

and (1.11) shows that the two maps are inverse. □ 

Example 1.13 (a) If p is a prime ideal in A, then A v is a local ring (because p contains 
every prime ideal disjoint from Sp). 

(b) We list the prime ideals in some rings: 



Note that in general, for t a nonzero element of an integral domain, 

{prime ideals of A t } ^ {prime ideals of A not containing t } 
{prime ideals of A/(t)} 4> {prime ideals of A containing t}. 

The Chinese remainder theorem 

Recall the classical form of the theorem: let d\ d n be integers, relatively prime in pairs; 
then for any integers x\, ...,x n , the congruences 



have a simultaneous solution x sZ; moreover, if x is one solution, then the other solutions 
are the integers of the form x + md with m e Z and d = \\ d\ . 

We want to translate this in terms of ideals. Integers m and n are relatively prime if and 
only if (m,n) = Z, i.e., if and only if (m) + («) = Z. This suggests defining ideals a and b 
in a ring A to be relatively prime if a + b = A. 

If m\,...,mk are integers, then (~](mi) = (m) where m is the least common multiple 
of the m/. Thus (~}(mi) D ([]m,), which equals [](/«,■). If the m; are relatively prime in 
pairs, then m = TJmj, and so we have (\(mi) = [](«,). Note that in general, 



Z/(42) 




(2) ,(3),(5),(7),(11),...,(0); 

(3) , (5), (7), (11),..., (0); 
(2),(0); 

(5), (11), (13),..., (0); 
(2), (3), (7). 



x = Xi mod dj 



ai ■ 02 ■ ■ ■ a„ C ai n 02 n ... n a„, 



The Chinese remainder theorem 
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but the two ideals need not be equal. 

These remarks suggest the following statement. 

THEOREM 1.14 Let 01 , a n be ideals in a ring A, relatively prime in pairs. Then for any 
elements x\ , ...,x n of A, the congruences 

x = Xi mod a,- 

have a simultaneous solution x G A; moreover, if x is one solution, then the other solutions 
are the elements of the form x + a with a e f] a*, and f] a,- = J~[ a,. In other words, the 
natural maps give an exact sequence 

n 

-> a -> A -> Y\ A l*i 
(=1 

with a = H a ; = 

PROOF. Suppose first that n = 2. As ai + 02 = A, there are elements a,- e a,- such that 
«i + 0-2 = 1- The element x = a 1X2 + #2X1 nas the required property. 
For each i we can find elements a,- e ai and € a, such that 

fll - + = 1, all i > 2. 
The product Yii>2( a i + h) = 1> an(1 nes in ai + ]~~[;>2 a * > an(1 so 

a i+n ; >2 a '=^ 

We can now apply the theorem in the case n = 2 to obtain an element y\ of A such that 
ji = lmodai, y\ = mod J~~J >2 a,- . 

These conditions imply 

ji = 1 mod 01, y\ = mod ay, all 7 > 1. 
Similarly, there exist elements yi,—,yn such that 

ji = 1 mod 0/ , yi = mod a/ for j ^ i. 

The element x = ^xiyi now satisfies the requirements. 

It remains to prove that f] o, = J~[ o, . We have already noted that f] a, Z> J~[ a,- . First 
suppose that n = 2, and let ai + ^2 = 1, as before. For c e ai D a2, we have 

c = a\c + CI2C e 01 -02 

which proves that 01 D 02 = aia2. We complete the proof by induction. This allows us 
to assume that J^[ I - >2 a/ = n;>2 a '- We showed above that 01 and ]~[;>2 a ' 316 relatively 
prime, and so 

^•(u £2 fl O =ain (n !£2 ^) = n^- 

The theorem extends to .4 -modules. 
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THEOREM 1.15 Let oi, a n be ideals in A, relatively prime in pairs, and let M be an 
A-module. There is an exact sequence: 

-> aM -> M -> Y\. M/ ai M -> 

with a = Y\ a/ = Pi a i ■ 

This can be proved in the same way as Theorem 1.14, but I prefer to use tensor products, 
which I now review. 



Review of tensor products 

Let M, N, and P be ^4-modules. A mapping f:MxN—*Pis said to be A-bilinear if 



f{m + m',n) = f(m,n) + f(jn',ri) 
f{m,n+n') = f(m,n) + f(m,n') 
f{am,n) = af{m,n) = f(m,an) 



all a e A, m,m' e M, n,n'eN. 



i.e., if it is linear in each variable. A pair (Q,f) consisting of an /1-module Q and an 
A -bilinear map /: M x N —> Q is called the tensor product of M and jV if every other 
A -bilinear map f'-.MxN—^-P factors uniquely into f' = ao f with a.Q—^-P ^4-linear. 
The tensor product exists, and is unique (up to a unique isomorphism making the obvious 
diagram commute). We denote it by M <g}^ N, and we write (m,n) i-> m <g>« for /. The 
pair (M ®a N, (m.n) \-> m <g>«) is characterized by each of the following two conditions: 

(a) The map M x N —> M <8>^ N is ^-bilinear, and every other ^4-bilinear map M x 
TV — > P is of the form (m,n) i-> a(m (8> n) for a unique ^4-linear map a: M (&a N -> P; 
thus 

Bibju(M xN,P) = Honu(M ® A N,P). 

(b) The ^4-module M <S>a N has as generators the m<S>n,m e M ,n € N ', and as relations 

(m + m') <S>n = m§§n-\-m'§§n 

m <S> (n + n') = m <g> n + m <g> n' \ allae^4, m,m'sM, n,n' e N. 
am <g>n = a(m <g> n) = mgan 

Tensor products commute with direct sums: there is a canonical isomorphism 
(©. Mi) ® A (0 . Nj) 5 0. . Mi ® A Nj , 

It follows that if M and N are free ^4-modules 3 with bases (e ; ) and (fj) respectively, then 
M <S>a N is a free ^4-module with basis (e, <8> fj). In particular, if V and W are vector 
spaces over a field k of dimensions m and « respectively, then V <8>/t W is a vector space 
over /c of dimension mn. 

Let a: M M ' and fi:N N' be ^-linear maps. Then 

(m,«) h^a(m)® [j(n):M xN ^ M' ®aN' 

3 Let M be an ^4-module. Elements ei, . . . , e m form a basis for Af if every element of M can be expressed 
uniquely as a linear combination of the e,- 's with coefficients in ^4. Then A m — >• M, (fli , . . . ,fl m ) !->■ 5Z fl i e i> ' s 
an isomorphism of ^4-modules, and M is said to be a /ree A-module of rank m. 



Review of tensor products 
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is A -bilinear, and therefore factors uniquely through M x N — > M ® A N. Thus there is a 
unique ^4-linear map a <g> /3: M ® A — > M' <S> A N' such that 

(a <g) /3)(m <8>«) = a(m) <8> /?(«). 

Remark 1.16 The tensor product of two matrices regarded as linear maps is called their 
Kronecker product. 4 If A is m x n (so a linear map /c" k m ) and 5 is r x s (so a linear 
map k s -¥ k r ), then A <g> 5 is the mrxns matrix (linear map fc ns — > fc mr ) with 

^ fln5 ■■• ci\ n B ^ 
A®B= : •.. : 

Lemma 1.17 Ifa:M-^M' and fi:N ->■ N' are surjective, then so also is 

a<g> f}:M ® A N -» M'® A N'. 
PROOF. Recall that M' <8> N' is generated as an ^-module by the elements m! <8> n', m! e 
M', n' e N'. By assumption m' = a(m) for some m e M and «' = /3(n) for some n € N, 
and so m' <g>n' = a(m) <g> /3(n) = (a <g> p)(m <g>n). Therefore the image of a (g> /3 contains a 
set of generators for M' ® A iV 7 and so it is equal to it. □ 

One can also show that if 

M' -> M M" -> 

is exact, then so also is 

M' ® A P -+ M ® A P -+ M" ® A P -+ 0. 
For example, if we tensor the exact sequence 

0^ a-» A^ A/a-^0 
with M, we obtain an exact sequence 

a® A M -> M -+ (A/a)® A M (2) 
The image of a <8U M in M is 

aM = {yja,m,- | a, € a, m,- e M}, 
and so we obtain from the exact sequence (2) that 

M/aM ~(A/a)® A M (3) 

By way of contrast, if M — > TV is injective, then M (8>yi P -*■ N ® A P need not be injective. 
For example, take A = Z, and note that (Z Z) (8>z (Z/mZ) equals Z/mZ — >• Z/mZ, 
which is the zero map. 

Proof (of Theorem 1.15) Return to the situation of the theorem. When we tensor the 
isomorphism 

A/a^Y[A/ ai 

with M, we get an isomorphism 

M/aM ~(A/a)® A M ^>Y[(A/ai)® A M ~Y\M/aiM, 
as required. □ 
4 Kronecker products of matrices pre-date tensor products by about 70 years. 
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Extension of scalars 

If A — >■ B is an ^4-algebra and M is an ^4-module, then B (&a M has a natural structure of 
a B -module for which 

b(b' ®m) = bb' <g>m, b,b'eB, me M. 

We say that B <8>^ M is the S-module obtained from M by extension of scalars. The map 
m h> 1 <8> wj: M — > 5 (g)^ M has the following universal property: it is ^4-linear, and for 
every ^4-linear map u:M N from M into a 5-module iV, there is a unique S-linear map 
a': B <S>a M ^ N such that a'(\ (g> m) = a(m). Thus a i-> a' defines an isomorphism 

Hom^(M,A^)^Hom s (S(g) / 4M,A^), AT a 5 -module. 

For example, ^4 <8u M = M. If M is a free yl-module with basis e\, . . . , e m , then B ®a M 
is a free 5 -module with basis 1 <g> e\ , . . . , 1 <8> e m . 

Tensor products of algebras 

If f:A—>B and g:A — > C are ^4-algebras, then B <S>a C has a natural structure of an 
^4-algebra: the product structure is determined by the rule 

(b®c)(b' ®c') = bb'®cc' 

and the map A — > B <8>^ C is a h> f(a) <g> 1 = 1 <8> g(a). 
For example, there is a canonical isomorphism 

a®f»af:K® k k[X l ,...,X m ]^K[X 1 ,... t X m ] (4) 
Tensor products of fields 

We are now able to compute K <S> k & if X is a finite separable field extension of a field k 
and i2 is an arbitrary field extension of k. According to the primitive element theorem (FT 
5.1), K = k [a] for some a e K. Let f(X) be the minimum polynomial of a. By definition 
this means that the map g(X) i-> g(a) determines an isomorphism 

k[X]/(f(X))^K. 

Hence 

K® k £2~ (k[X]/(f(X)))® k C2~ Q[X]/(f(X)) 

by (3) and (4). Because K is separable over k, f(X) has distinct roots. Therefore f(X) 
factors in Q [X] into monic irreducible polynomials 

f(X) = MX)-MX) 

that are relatively prime in pairs. We can apply the Chinese Remainder Theorem to deduce 
that 

Q[X]/(f(X)) = n; =1 S2[X]/(Jt(X)). 

Finally, Q [X]/ (/; (X)) is a finite separable field extension of Q of degree deg f\ . Thus we 
have proved the following result: 



Exercise 
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THEOREM 1.18 Let K be a finite separable field extension of k, and let Q be an arbitrary 
field extension. Then K <8>fc & is a product of finite separable field extensions of Q, 

If a is a primitive element for K/k, then the image ctj of a in ,£2; is a primitive element 
for Qil Q, and if f(X) and fj (X) are the minimum polynomials for a and a,- respectively, 
then 

/w=rii=i 

Example 1.19 Let K = Q[a] with a algebraic over Q. Then 

£® Q K ~ C ® Q (Q[X]/(/(X))) ~ C[X]/((f(Xj) ~ Y\ r i=i C[X]/(X- ai ) » C r . 

Here a\, . . . ,a r are the conjugates of a in C. The composite of h-> 1 (g> ft: K -> C <8>q K 
with projection onto the ith factor is Yl a j ocJ ^ 12 a j a i • 

We note that it is essential to assume in (1.18) that K is separable over k. If not, there 
will be an a 6 ^ such that a p e k but a k, and the ring K®^ K will contain an element 
/ 6 = (a<8>l-l<8>a)^0 such that 

fiP = a p «> 1 - 1 <g>a p = a p (l <g> l)-a p (l ® 1) = 0. 

Hence K®^ K contains a nonzero nilpotent element, and so it can't be a product of fields. 

Notes Ideals were introduced and studied by Dedekind for rings of algebraic integers, and later by 
others in polynomial rings. It was not until the 1920s that the theory was placed in its most natural 
setting, that of arbitrary commutative rings (by Emil Artin and Emmy Noether). 

Exercise 

1-1 Let A be an integral domain. A multiplicative subset S of A is said to be saturated if 

ab € S =>• a and b 6 S. 

(a) Show that S is saturated <^=> its complement is a union of prime ideals. 

(b) Show that given a multiplicative system S, there is a unique smallest saturated multi- 
plicative system S' containing S, and that S' = A x (J p, where p runs over the prime 
ideals disjoint from S. Show that S'~ l A = 5' _1 ^4. Deduce that 5 _1 ^4 is character- 
ized by the set of prime ideals of A that remain prime in S~ l A. 
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Rings of Integers 



Let A be an integral domain, and let L be a field containing A. An element a of L is said 
to be integral over A if it is a root of a monic polynomial with coefficients in A, i.e., if it 
satisfies an equation 

a n + aia"~ l -\ \-a„ = 0, at e A. 

Theorem 2. 1 The elements of L integral over A form a ring. 

I shall give two proofs of this theorem. The first uses Newton's theory of symmetric 
polynomials and a result of Eisenstein, and the second is Dedekind's surprisingly modern 
proof, which avoids symmetric polynomials. 

First proof that the integral elements form a ring 

A polynomial P(Xi,...,X r ) e A[X\,...,X r ] is said to be symmetric if it is unchanged 
when its variables are permuted, i.e., if 

P(X cy(l) ,...,X (r(r) ) = P(X u ...,X r ), allaeSym r . 

For example 

Si = Xj, S2 = ^^XiXj, S r = X\---X r , 

are all symmetric. These particular polynomials are called the elementary symmetric poly- 
nomials. 

Theorem 2.2 (Symmetric function theorem) Let A be a ring. Every symmetric polyno- 
mial P{X\,...,X r ) in A[X\,...,X r ] is equal to a polynomial in the symmetric elementary 
polynomials with coefficients in A, i.e., P e A[Si,..., S r ]. 

PROOF. We define an ordering on the monomials in the Xi by requiring that 

yil yi2 yi r ^ yjl yh yjr 
Aj 2. f 1 2 ^ /■ 

if either 

h + h H h ir > ji + h H 1- jr 
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or equality holds and, for some s, 

ii = ji,...,i s = j s , buU's+i > j s+ i. 

k\ k 

Let X 1 • ■ ■ X r r be the highest monomial occurring in P with a coefficient c / 0. Because 

k\ k 

P is symmetric, it contains all monomials obtained from X l • ■ ■ X r r by permuting the X's. 
Hence k\>k 2 >--->k r . 

Clearly, the highest monomial in Si is X\ ■ ■ ■ X; , and it follows easily that the highest 
monomial in sf 1 • • • sf r is 

v di+d2-\ \-d r v d2~\ Vd r v d r 

1 2 ' ' ' T 

Therefore 

P(Xi,...,X r )-cS^~ k2 S^ 2 ~ k3 ---S^ < P(X u ,,.,X r ). 

We can repeat this argument with the polynomial on the left, and after a finite number of 
steps, we will arrive at a representation of P as a polynomial in Si S r - □ 

Let f(X) = X" +axX n ~ l H \-a n e A[X], and letai,...,a„ be the roots of f(X) 

in some ring containing A, so that f(X) = Y[(X — at) in the larger ring. Then 

a\ = -Si(a\,...,a n ), a 2 = S 2 (ai, . . . ,a„), a n = ±S n (ai,...,a n ). 

Thus the elementary symmetric polynomials in the roots of f(X) lie in A, and so the 
theorem implies that every symmetric polynomial in the roots of / (X) lies in A. 

Proposition 2.3 Let A be an integral domain, and let Q be an algebraically closed field 
containing A. If a%, . . . ,a n are the roots in Q of a monic polynomial in A[X], then any 
polynomial g(a\ ,...,a n ) in the a,- with coefficients in A is a root of a monic polynomial in 
A[X]. 

Proof. Clearly 

h(X) = n aeSym „ (X - S(pia{i), ■ ■ .,«*(!,))) 

is a monic polynomial whose coefficients are symmetric polynomials in the a, , and there- 
fore lie in A. But g{a\, . . .,a n ) is one of its roots. □ 

We now prove Theorem 2.1. Let a\ and a 2 be elements of L integral over A. There 
exists a monic polynomial in A[X] having both a\ and a 2 as roots. We can now apply (2.3) 
with . . .) equal to a\ ± a 2 or a\a 2 to deduce that these elements are integral over A. 

Dedekind's proof that the integral elements form a ring 

Proposition 2.4 Let L be a field containing A. An element a of L is integral over A if 
and only if there exists a nonzero finitely generated A-submodule of L such that aM C M 
(in fact, we can take M = A[a], the A-subalgebra generated by a ). 
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Proof. =>•: Suppose 

a n + a\a n ~ l -\ \-a n = Q, at e A. 

Then the ^4-submodule M of L generated by I, a, a n ~ l has the property that aM C M. 

We shall need to apply Cramer's rule. As usually stated (in linear algebra courses) 
this says that, if 

m 

^CijXj = dt, i = l,,..,m, 
7 = 1 

then 

xj =det(C/)/det(C) 

where C = (cy ) and Cj is obtained from C by replacing the elements of the j th column 
with the djS. When one restates the equation as 

det(C)-x/ = det(C/) 

it becomes true over any ring (whether or not det(C ) is invertible). The proof is elementary — 
essentially it is what you wind up with when you eliminate the other variables (try it for 
m = 2). Alternatively, expand out 

Cll ... J2 c lj x j ■■■ c \m 

detCj : : : 

Cm 1 • • ■ Cm j Xj ■ • ■ C m n , 

using standard properties of determinants. 

Now let M be a nonzero A -module in L such that aM C M, and let vi, . . . , v n be a 
finite set of generators for M. Then, for each i, 

avj = ^ciijVj, some aij e A. 

We can rewrite this system of equations as 

(ot-fln)i;i -a\2V 2 -a\3V3 = 

-a2\V\ + (a-fl22)W2-<223f3 = 

••• = 0. 

Let C be the matrix of coefficients on the left-hand side. Then Cramer's rule tells us that 
det(C) • Vi = for all i. Since at least one Vi is nonzero and we are working inside the field 
L, this implies that det(C) = 0. On expanding out the determinant, we obtain an equation 

a n + c 1 a n ~ 1 +c 2 a n ~ 2 + --- + c n =0, a € A. a 

We now prove Theorem 2.1. Let a and ft be two elements of L integral over A, and let 
M and /V be finitely generated ^4-modules in L such that aM C M and fiN C N. Define 

MN = ^2 m i n i I m i 6 M, Hi e iVj . 

Then: 

(a) MN is an ^4-submodule of L (easy); 

(b) it is finitely generated because, if {ei,...,e m } generates M and {f\ ,...,/»} gener- 
ates N, then {e\fi,.,.,eifj,.,.,e m f n } generates MN; 

(c) it is stable under multiplication by a/3 and by a ± /3. 

We can now apply (2.4) to deduce that afi and a ± are integral over A. 
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Integral elements 

Definition 2.5 The ring of elements of L integral over A is called the integral closure 
of A in L. The integral closure of Z in an algebraic number field L is called the ring of 
integers Ol in L . 

Next we want to see that L is the field of fractions of Ol', in fact we can prove more. 

Proposition 2.6 Let K be the field of fractions of A, and let L be a field containing K. 
IfaeL is algebraic over K, then there exists ad e A such that da is integral over A. 

PROOF. By assumption, a satisfies an equation 

a m +a\a m ~ l H \-a m = 0, a\ € K. 

Let d be a common denominator for the a, , so that dai € A for all i , and multiply through 
the equation by d m : 

d m a m +a l d m a m - 1 + ... + a m d m = 0. 

We can rewrite this as 

(da) m + ai d{da) m - l + --- + a m d m = 0. 
As a\d, ... , a m d m e A, this shows that da is integral over A. □ 

Corollary 2.7 Let A be an integral domain with field of fractions K, and let B be the 
integral closure of A in a field L containing K. If L is algebraic over K, then it is the field 
of fractions of B. 

PROOF. The proposition shows that every a e L can be written a = ft/ ' d with fj e B, 
d e A. □ 

Definition 2.8 A ring A is integrally closed if it is its own integral closure in its field of 
fractions K, i.e., if 

a € K, a integral over A =>■ a e A . 

Proposition 2.9 A unique factorization domain, for example, a principal ideal domain, 
is integrally closed. 

PROOF. Let A be a unique factorization domain, and let a/b, with a,b e A, be an element 
of the field of fractions of A integral over A. If Ms a unit, then a/b e A. Otherwise we may 
suppose that there is an irreducible element it of A dividing b but not a. As a/b is integral 
over A, it satisfies an equation 

(a/b) n + a\(a/b)"~ l H ha„ = 0, a t € A. 

On multiplying through by b n , we obtain the equation 

a n +a l a n - 1 b + ... + a»b n =0. 

The element n then divides every term on the left except a n , and hence must divide a n . 
Since it doesn't divide a, this is a contradiction. □ 
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The proposition makes it easy to give examples of rings where unique factorization fails 
— take any ring which is not integrally closed, for example, Z[V5]. 

Example 2.10 (a) The rings Z and Z[i] are integrally closed because both are principal 
ideal domains. 

(b) Unique factorization fails in Z[V^3] because 

4 = 2 x 2 = (1 + V^3)(l - 7^3), 

and the four factors are all irreducible because they have the minimum norm 4. However, 
Z[V^3] C Z[<yT] which is a principal ideal domain (and hence the integral closure of Z in 
Q[V=3] = Q[^1]). 

(c) For every field k, I claim that the integral closure of k[S\ , S m ] in k(X\ X m ) 
is k[X\ X m ] (here the Si are the elementary symmetric polynomials). 

Let / e k(X\ X m ) be integral over k[S\ , . . . , S m ]. Then / is integral over k[X\ X m ], 
which is a unique factorization domain, and hence is integrally closed in its field of frac- 
tions. Thus / € k[X\,...,X m }. 

Conversely, let / e k[X\ X m ]. Then / is a root of the monic polynomial 

Y\ ( T ~ f( X ar(l)'- • • , Xa(m)))- 
CT£Sym m 

The coefficients of this polynomial are symmetric polynomials in the X[ , and therefore (see 
2.2) lie in k\S\ S r ]. 

Proposition 2.11 Let K be the field of fractions of A, and let L be an extension of K of 
finite degree. Assume A is integrally closed. An element a of L is integral over A if and 
only if its minimum polynomial over K has coefficients in A. 

PROOF. Let a be an element of L integral over A, so that 

a m + aia m ~ 1 + ... + a m = 0, somea,- ei. 

Let / (X) be the minimum polynomial of a over K. For any root a' of / (X), the fields K[a] 
and K[a'] are both stem fields for / (see FT p. 15), and so there exists a ^-isomorphism 

a:K[a]^ K[a'], o(u) = a'\ 

On applying a to the above equation we obtain the equation 

a' m +aia' m ~ l + ... + a m =0, 

which shows that a' is integral over A. Hence all the roots of / (X) are integral over A, and 
it follows that the coefficients of f(X) are integral over A (by 2.1). They lie in K, and A is 
integrally closed, and so they lie in A. This proves the "only if part of the statement, and 
the "if part is obvious. □ 

Remark 2.12 As we noted in the introduction, this makes it easy to compute some rings 
of integers. For example, an element a e Q[Vo] is integral over Z if and only if its trace 
and norm both lie in Z. 



Integral elements 



31 



PROPOSITION 2.13 If B is integral over A and finitely generated as an A-algebra, then it 
is finitely generated as an A-module. 

PROOF. First consider the case that B is generated as an ^4-algebra by a single element, say 
B = A[f3]. By assumption 

8" +ciiP n ~ l H Va n = 0, some a ; - e A. 

Every element of B can be expressed as a finite sum 

c + ciB + c 2 p 2 + --- + c N fi N , c t eA, 

and we can exploit the preceding equality to replace 8" (successively) with a linear combi- 
nation of lower powers of 8. Thus every element of B can be expressed as a finite sum 

Co + c x 8 + c 2 8 2 + --- + c n - l 8 n - 1 , qeA, 

and so 1 , 8, fi 2 , . . . , 8 n ~ l generate B as an ^4-module. In order to pass to the general case, 
we need a lemma. □ 

Lemma 2.14 Let A C B C C be rings. If B is finitely generated as an A-module, and C 
is finitely generated as a B -module, then C is finitely generated as an A-module. 

PROOF. If {/3i,...,/3 m } is a set of generators for B as an ^4-module, and {yi,...,y M } is a 
set of generators for C as a 5 -module, then {/?/)//} is a set of generators for C as an A- 
module. □ 

We now complete the proof of (2.13). Let f$i,..,,B m generate B as an ^4-algebra, and 
consider 

A C A\fii\ c A[8 U 8 2 ] C-C A[8 u ...,8 m ] = B. 

We saw above that A [^1] is finitely generated as an ^4-module. Since A[(3i , ^2] = ^4[|6i][^2]> 
and ($2 is integral over A[fii] (because it is over A), the same observation shows that 
A [^1,^2] is finitely generated as a A[0i] -module. Now the lemma shows that A[fi\,/32] 
is finitely generated as an ^4-module. Continuing in this fashion, we find that B is finitely 
generated as an A -module. 

Proposition 2.15 Consider integral domains Ac B cC; if B is integral over A, and C 
is integral over B, then C is integral over A. 

PROOF. Let y e C ; it satisfies an equation 

Y n + b 1 y"- 1 + --- + b n =0, bieB. 

Let B' = A[b\,...,b n ]. Then B' is finitely generated as an ^4-module (by the last proposi- 
tion), and y is integral over B' (by our choice of the and so B'[y] is finitely generated 
as an ^-module. Since C 5'[y], Proposition 2.4 shows that y is integral over A. □ 

Corollary 2.16 The integral closure of A in an algebraic extension L of its field of 
fractions is integrally closed. 

PROOF. Let B be the integral closure of A in L, and let C be the integral closure of B in 
L. Then C is integral over A, and so C C B. □ 
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Remark 2.17 In particular, the ring of integers in a number field is integrally closed. 
Clearly we want this, since we want our ring of integers to have the best chance of being a 
unique factorization domain (see 2.9). 

Example 2.18 Let k be a finite field, and let A' be a finite extension of k(X). Let Ok be 
the integral closure of k[X] in K. The arithmetic of Ok is very similar to that of the ring 
of integers in a number field. 

Review of bases of A -modules 

Let M be an ^4-module. Recall that a set of elements e\ ,...,e„ is a basis for M if 

(a) Yl a i e i = 0, a, € A =>■ all a,- = 0, and 

(b) every element x of M can be expressed in the form x — 

Let {ei,...,e n } be a basis for M, and let {f\,. ..,/«} be a second set of n elements in 
M . Then we can write fi — ^aijej, aij e A, and f\ is also a basis if and only if the 
matrix (a^) is invertible in the ring M n (A) of n x n matrices with coefficients in A (this is 
obvious). Moreover (a,y) is invertible in M n (A) if and only if its determinant is a unit in 

A, and in this case, the inverse is given by the usual formula: 

{at/)' 1 = adj(fly)-det(ay) _1 - 

def 

In the case that A = Z, the index of N = Z/i + Z/2 H h Z/ n in M is | det(fl/y ) | (assum- 
ing this is nonzero). To prove this, recall from basic graduate algebra that we can choose 
bases {<?■} for M and {f/} for N such that f{ = mie\, mi e Z, m ; > 0. If (<?■) = U ■ (e;) 
and (//) = F- (//), then (/,) = F _1 /)£/(<?,) where Z) = diag(mi, . . . ,m„), and 

det(F^ 1 Z)(7) = det(T _1 )-det(Z))-det(t/) = ]J m i = ( M ■ N )- 

Review of norms and traces 

Let A C B be rings such that B is a free ^4-module of rank n. Then every 8 e B defines an 
A -linear map 

x ^ Bx:B B, 

and the trace and determinant of this map are well-defined. We call them the trace T^b/aP 
andnorm Nmg/^ of B in the extension B/A. Thus if {ei,...,e n } is abasis for B over A, 
and Bet = J2 a ij e j' tnen ^ t b/a(P) — J2 a a an ^ ^ m B/A(fi) = det(a/y). When B D ^4 is a 
finite field extension, this agrees with the usual definition. The following hold (for a 6 A, 

B, B'eB): 

Tr(B + £') = TrOS) + Tr(fl') Nm(BB') = Nm(B) ■ Nm^') 

Tr(a^) = aTr(B) Nm(a) = a" 

Tr(a) = na 

Proposition 2.19 Let L/K be an extension of fields of degree n, and let B e L. Let 
/ (X) be the minimum polynomial of B over K and let B\ = B, 82, ■■■ , B m be the roots of 
f(X).Then 

TtL/KiP) = r(f3i + ■■■ + B m ), Km L/K (8) = (£1 • •• B m ) r 
where r = [L : K[B]] = n/m. 
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PROOF. Suppose first that L = K[fi], and compute the matrix of x i-> tlx relative to the 
basis { 1 , fl, . . . , fl n ~ l } — one sees easily that it has trace Pi an d determinant J~[ f$i . For 
the general case, use the transitivity of norms and traces (see FT 5.48). □ 

COROLLARY 2.20 Assume L is separable of degree n over K, and let {o\, ...,o n } be the 
set of distinct K-homomorphisms L Q where Q is some big Galois extension of K 
(e.g., the Galois closure of L over K). Then 

^L/K (P) = V\P + ••• + PnP, Nm L/I 06) = 010. - • <r n p. 
PROOF. Each pj occurs exactly r times in the family {ov/3}. □ 

Corollary 2.21 Let A be an integrally closed integral domain, and let L be a finite 
extension of the field of fractions K of A; if /3 € L is integral over A, then T*l/k ifi) an d 
Nm L/K (p) are in A. 

PROOF. We know that if /3 is integral, then so also is each of its conjugates. Alternatively, 
apply 2.11. □ 

Aside 2.22 Let L = K[a], and let a,\ = a,ai, . . . ,a n be the conjugates of a (in some Galois 
extension of K containing L). For any = g(a) in L, 

Nm L/JC 03) = n? =1 Tr L/K (ft) = £? =1 g(a,). 

This is a restatement of (2.20), and is Dedekind's original definition (Dedekind 1877, §17). 

Review of bilinear forms 

Let V be a finite-dimensional vector space over a field K. Recall that a bilinear form on V 
is a ir-bilinear map 

f-.Vx V -+ K. 

Such a form is symmetric if \[r(x,y) = xj/(y,x) for all x, y e V. The discriminant of a 
bilinear form \fr relative to a basis {e\,...,e m } of V is det(i/f (e,-, e y )). If {ft,..., f m } is a set 
of elements of V, and fj = J2 a ji e i> th en 

f(fk>fl) = ^2,f{akiei,aijej) = ^2a kr ^(ei,ej)-aij, 

ij i,j 

and so 

(ir(fk,fl)) = A-(xlr(ei,ej))-A« 
(equality ofmxm matrices) where A is the invertible matrix (ay). Hence 

det(^r (/,,/;)) = det(A) 2 .det(^(ei,e y )) (5) 

The form iff is said to be nondegenerate if it satisfies each of the following equivalent 
conditions: 

(a) x/r has a nonzero discriminant relative to one (hence every) basis of V; 

(b) the left kernel {v € V \ \j/(v,x) = for all x e V} is zero; 

(c) the right kernel of x/r is zero. 
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Thus if i/f is nondegenerate, the map \j/{v,x)) from V onto the dual vector space 

V v = Hom(K, K) is an isomorphism. Let {e\, e m } be a basis for V, and let fx, f m 
be the dual basis in V v , i.e., fi (ey) = (Kronecker delta). We can use the isomorphism 
V —> V y given by a nondegenerate form x(r to uansfer {f\ , f m } to a basis {e'j , e' m } of 
K; it has the property that 

For example, suppose {e\ ,...,e m } is a basis such that (^(e; , e y )) is a diagonal matrix — the 
Gram-Schmidt process always allows us to find such a basis when the form is symmetric 
— then e\ = a/f (<?; , <?,: ) . 

Discriminants 

If L is a finite extension of K (L and K fields), then 

is a symmetric bilinear form on L regarded as a vector space over K, and the discriminant 
of this form is called the discriminant of L/ K. 

More generally, let B D A be rings, and assume B is free of rank m as an ^4-module. 
Let Pi ,...,fi m be elements of B. We define their discriminant to be 

D(P x ,...,Pm) = tetQ*B/A(PiPj))- 

Lemma 2.23 If yj = Y^ajiPi, &ij € A, then 

D( Y i,...,Ym) = det(a i jf-D(B 1 ,...,B m ), 
Proof. See the proof of (5). □ 

If the /3s and ys each form a basis for B over A, then det(a/ 7 ) is a unit (see p32). Thus 
the discriminant D(f5\, ...,fi m ) of a basis {/Si , ...,fi m } of B is well-defined up to multiplica- 
tion by the square of a unit in A. In particular, the ideal in A that it generates is independent 
of the choice of the basis. This ideal, or D(fii, ...,fi m ) itself regarded as an element of 
A/A x2 , is called the discriminant disc(S/^4) of B over A. 

For example, when we have a finite extension of fields L/ K, disc(L/K) is an element 
of K, well-defined up to multiplication by a nonzero square in K. 

When A = Z, disc(S/^4) is a well-defined integer, because 1 is the only square of a unit 
in Z. 

Warning: We shall see shortly that, when K is a number field of degree m over Q, 
the ring of integers Ok in K is free of rank m over Z, and so disc(0^/Z) is a well- 
defined integer. Sometimes this is loosely referred to as the discriminant of K/Q — strictly 
speaking, disc(A'/Q) is the element of Q x /Q x2 represented by the integer disc(C^/Z). 

Proposition 2.24 Let A c B be integral domains and assume that B is a free A-module 
of rank m and that disc(S/^4) ^ 0. Elements Y\,...,Ym form a basis for B as an A-module 
if and only if 

(D(yi, Ym)) = (disc(B/A)) (as ideals in A). 
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PROOF. Let {/3i, ...,B m } be a basis for B as an ^4-module, and let yi, y m be any elements 
of B. Write Yj = !>2 a jiPi' a ji e A. Then 

D( Y i , .... Ym) (2 = 3) det(fly) 2 ■ D(fiu...,0 m ), 
and, as we noted earlier, {y\ , . . . , y m } is a basis if and only if det(a,y) is a unit. □ 

Remark 2.25 Take A = Z in (2.24). Elements yi , y2, . . . , Ym generate a submodule N of 
finite index in B if and only if D{yi , ■ ■ ■ , Ym) ^ 0, in which case 

D( Yl ,...,Y m ) = (B:N) 2 -disc(B/Z). 

To prove this, choose a basis fix, , . . ,B m for B as a Z-module, and write y,- = J2 a jiPi- 
Then both sides equal det(a/ 7 ) 2 ■ D(/3i , . . . , /3 m ). 

Proposition 2.26 Let L be a finite separable extension of the field K of degree m, and 
let oi, ...,a m be the distinct K-homomorphisms of L into some large Galois extension Q 
of L. Then, for every basis f5\,...,fi m of L over K, 

D(P 1 ,..„B m ) = det((T i B j ) 2 ^0. 
PROOF. By direct calculation, we have 

D(/3i B m ) £detCrr(ftj8/)) 

= d*(Zk°k(PiPj)) (by 2.20) 

= tet(£ k <T k (fii)-<T k (Pj)) 

= det(o- fc (^))-det(a fc (^)) 
= det(a fc (A)) 2 . 

Suppose that det(a, ^ 7 ) = 0. Then there exist c\, ...,c m e Q such that 

^ Cl ai(ySy) = 0all7. 

i □ 

By linearity, it follows that Yli CiOiiP) = for all ^ e L, but this contradicts Dedekind's 

theorem on the independence of characters (apply it with G = L x ) : 

Let G be a group and Q a field, and let o\ , a m be distinct homomorphisms 
G Q x ; then o\,...,o m are linearly independent over ,f2, i.e., there do not 
exist a 6 Q such that x \->- J2i c i°i ( x )'- G ->■ £2 is the zero map (FT 5. 14). 



Corollary 2.27 Let K be the field of fractions of A, and let L be a finite separable 
extension of K of degree m. If the integral closure B of A in L is free of rank m over A, 
then disc(B/ A) ^ 0. 

PROOF. If {/3i,...,/3 m } is a basis for B as an ^4-module, then it follows easily from (2.6) 
that it is also a basis for L as a ^-vector space. Hence disc(B/^4) represents disc(L/^T). □ 

Remark 2.28 (a) The proposition shows that the K -bilinear pairing 

(fl,P')^Tr(B-B'):LxL^ K 

is nondegenerate (its discriminant is disc(L/ K)). 

(b) The assumption that L/K is separable is essential; in fact, if L/K is not separable, 
then disc(L/ K) = (see Exercise 2-3). 
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Rings of integers are finitely generated 

We now show that Ok is finitely generated as a Z-module. 

Proposition 2.29 Let A be an integrally closed integral domain with field of fractions 
K, and let B the integral closure of A in a separable extension L of K of degree m. There 
exists free A-submodules M and M' of L such that 

M CB CM'. (6) 

Therefore B is a finitely generated A-module if A is Noetherian, and it is free of rank m if 
A is a principal ideal domain. 

PROOF. Let {B\, ...,fi m } be a basis for L over K. According to (2.6), there exists ad € A 
such that d-fli e B for all i . Clearly {d-R\,...,d- /3 m } is still a basis for L as a vector space 
over K, and so we may assume to begin with that each Bj e B . Because the trace pairing is 
nondegenerate, there is a "dual" basis {B' x , ...,fi' m } of L over K such that Tr(/3,- ■ B'.) = 8{j 
(see the discussion following (5), p33). We shall show that 

Api+Afa + - + Ap m <ZB cAB' x + Ap , 2 + ~- + AB' m . 

Only the second inclusion requires proof. Let B e B. Then /3 can be written uniquely as a 
linear combination 8 = ^bjfi'j of the B'. with coefficients bj 6 K, and we have to show 
that each bj e A. As Bj and fi are in B, so also is f$ ■ Bj, and so Tr(/3 ■ Bj) e A (see 2.21). 
But 

Tr(p.Bj) = TrC£bjP'j-Pi) = J^ b J Wj-fr) = Y. b j' & U = ^ 

j j j 

Hence bj e A. 

If A Noetherian, then M' is a Noetherian ^4-module (see 1.8), and so B is finitely 
generated as an ^4-module. If A is a principal ideal domain, then B is free of rank < m 
because it is contained in a free ^4-module of rank m, and it has rank > m because it contains 
a free ^4-module of rank m (see any basic graduate algebra course). □ 

COROLLARY 2.30 The ring of integers in a number field L is the largest subring that is 
finitely generated as a Z-module. 

PROOF. We have just seen that Ol is a finitely generated Z-module. Let B be another 
subring of L that is finitely generated as a Z-module; then every element of B is integral 
over Z (by 2.4), and so B C O l ■ □ 

Remark 2.31 (a) The hypothesis that L/K be separable is necessary to conclude that 
B is a finitely generated ^4-module (we used that the trace pairing was nondegenerate). 
However it is still true that the integral closure of k[X] in any finite extension of k(X) (not 
necessarily separable) is a finitely generated k[X] -module. 

(b) The hypothesis that A be a principal ideal domain is necessary to conclude from (6) 
that B is a free 4-module — there do exist examples of number fields L/K such that Ol 
is not a free 0^-module. 

(c) Here is an example of a finitely generated module that is not free. Let A = Z[V— 5], 
and consider the A -modules 

(2) C (2,1 + V C 5)CZ[V C 5]. 
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Both (2) and Z[V^5] are free Z[V^5] -modules of rank 1, but (2, 1 + V— 5) is not a free 
Z[v— 5] -module of rank 1, because it is not a principal ideal (see the Introduction). In fact, 
it is not a free module of any rank. 

Definition 2.32 When K is a number field, a basis a\, ...,a m for Ok as a Z-module is 
called an integral basis for K. 

Remark 2.33 We retain the notations of the proposition and its proof, 
(a) Let C = Afii C B, with fti a basis for L over K. Define 

C* = {ft 6 L | Tr(fiy) e A for all yeC}. 
fteC* Tr(PPi)eAfori = l,...,m, 



By linearity, 
and it follows that 
Thus we have: 



C = J2 A Pi c B c J2 A P'i = C *- 



(b) Write L = Q\J3] with ft € B, and let f(X) be the minimum polynomial of ft. Let 
C = Z\fi] = Zl + TLft + ■ ■■ + Z^™- 1 . We want to find C*. 
One can show (Artin 1959, Chapter 7) that 



Tr(07/'G8)) 



if < j < m - 2 

1 if z = m — 1 



(these formulas go back to Euler). It follows from this that 

detCTrGB' -ft^fift)) = (-1)* 

(the only term contributing to the determinant is the product of the elements on the other 
diagonal). If ft[,...,ft' m is the dual basis to I, ft, .. .,ft m ~\ so that Tr(j8 J ' • ft'j) = 8 U , then 

det(Tr(^'-^.)) = l. 
On comparing these formulas, one sees that the mattix relating the family 

{l/f'{ft),...,ft m - l /f'{ft)} 

to the basis 

{ft[,...,ft' m } 

has determinant ±1, and so it is invertible in M n (A). Thus we see that C* is a free A- 
module with basis {\/f'(ft), . . . , ft m ~ l / f {ft)}: 

C=A[ft]cBcf'(ftr 1 A[ft] = C*. 
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Finding the ring of integers 

We now assume A' to be a field of characteristic zero. 

Proposition 2.34 Let L = K[fi] some /}, and let f(X) be the minimum polynomial of 
/3 over K. Suppose that f (X) factors into Y[(X ~ Pi) over the Galois closure of L. Then 

D(l,/3,l3 2 ,...,r- 1 )= ]1 = (- l) m(m - 1)/2 • Nm L/jr (/'(0)). 

1 <i < j <m 

Proof. We have 

Z)(l,y8,/3 2 ,...,jS m - 1 ) =det(CT,(^')) 2 (2.26) 
= detG6/') 2 

= (Ui <j (Pi -Pj)) 2 (Vandermonde) 
= (-l) m(fn - 1)/2 'Ui([\j^(fii-Pj)) 
= (-l) m(m - 1)/2 -I\jf'(Pj) 

= (-l) /M ( w - 1 )/ 2 Nm(/ / (^)). n 

The number in (2.34) is called the discriminant of f(X). It can also be defined as the 
resultant of f(X) and f'(X). The discriminant of / lies in K, and it is zero if and only if 
/ has a repeated root. It is a symmetric polynomial in the fa with coefficients in K, and so 
(by 2.2) it can be expressed in terms of the coefficients of / (X), but the formulas are quite 
complicated. 

Example 2.35 We compute the discriminant of 

f(X) = X n +aX + b, a,beK, 
assumed to be irreducible and separable. Let /3 be a root of / (X), and let 

Y = f(P) = nP n - 1 +a. 
We compute Nm^[ J g]/j^(y). On multiplying the equation 

P n +ap + b = 
by nfi~ l and rearranging, we obtain the equation 

nfi"- 1 = -na-nbp- 1 . 

Hence 

Y = n p n ~ l +a = -(n- \)a-nbp~ l . 

Solving for /3 gives 

P = — 7~( W' 

y + (n - \)a 

from which it is clear that K[/3] = K[y], and so the minimum polynomial of y over K also 
has degree n. If we write 

f( Y Mf" b u ) = P(X)/Q(X), 
\X + (n — \)a ) 
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then P(y)/Q(y) = f(fi) = and so P(y) = 0. Since 

P(X) = (X + (n-l)a) n -na{X + (n-\)a) n ~ l + {-l) n n n b n ~ l 

is monic of degree n, it must be the minimum polynomial of y. Therefore Nm(y) is (— 1)" 
times the constant term of this polynomial, and so we find that 

Nm(y) = n"i"- 1 + (-ir 1 («-ir 1 fl"- 
Finally we obtain the formula: 

disc(X n +aX +b) = (-X) n{ "- l)l2 (n n b n - 1 + (-l) n_1 (« - 1) B_ V) 

For example: 

disc(X 2 + aX + b) = -4b + a 2 , 
discLY 3 +aX + b) = -21b 2 - 4a 3 , 
disc(Z 4 + aX + b) = 256b 3 - 27a 4 , 
disc(Z 5 + aX + b) = 5 5 b 4 + 4 4 a 5 . 

For polynomials more complicated than the above, use a computer program. For exam- 
ple, typing 

poldisc (X~3+a*X~2+b*X+c) 
in PARI returns 

-4*c*a~3 + b~2*a~2 + 18*c*b*a + (-4*b~3 - 27*c~2) 
i.e., -4ca 3 + b 2 a 2 + IScba + (-4b 3 - 21c 2 ). 

The general strategy for finding the ring of integers of K is to write K = Q[a] with a 
an integer in K, and compute D(\,a, ...,a m ~ l ). It is an integer, and if it is square-free, then 
{l,a, ...,a m ~ 1 } is automatically an integral basis, because (see 2.25) 

D(l,a,...,a m_1 ) = disc(0 K /Z)-(0 K :Z[a]) 2 . (7) 

If it is not square-free, {I, a, ...,a m ~ 1 } may still be an integral basis, and sometimes one 
can tell this by using Stickelberger's theorem (see 2.40 below) or by looking at how primes 
ramify (see later). If {l,a, ...,a m ~ 1 } is not an integral basis, one has to look for algebraic 
integers not in £]Z -a 1 (we describe an algorithm below). 

Example 2.36 The polynomial X 3 — X — 1 is irreducible 1 in Q[X], because, if it factored, 
it would have a root in Q, which would be an integer dividing 1. Let a be a root of X 3 — 
X-l. We have 

Z)(l,a,o; 2 ) = disc(/(Z)) = -23, 

which contains no square factor, and so {I, a, a 2 } is an integral basis for Q[a] (and Z[a] is 
the ring of integers in Q[a]). 

Example 2.37 The polynomial X 3 + X + 1 is irreducible in Q[X], and, for any root 
a of it, D(l,a,u 2 ) = disc(f(X)) = —31, which contains no square factor, and so again 
{1, a, a 2 } is an integral basis for Q[a]. 



In fact, this is the monic irreducible cubic polynomial in TL\X\ with the smallest discriminant. 
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Example 2.38 This example goes back to Dedekind. Let K = Q[ct], where a is a root of 

f(X) = X 3 + X 2 -2X + 8. 

The discriminant of / is —2012 = —4-503, but Dedekind showed that Ok ^ and so 
disc(0/Z) = —503. In fact Dedekind showed that there is no integral basis of the form 1, 
/3, /3 2 (see Weiss 1963, pl70; for another example of this type, see Exercise 2-6.) 

Example 2.39 Consider the field Q[a] where a is a root of f(X) = X 5 - X - 1. This 
polynomial is irreducible, because it is irreducible in F3[X]. The discriminant of f(X) is 
2869 = 19- 151, and so the ring of integers in Q[a] is Z[a]. 

Proposition 2.40 Let K be an algebraic number field. 

(a) The sign of disc(X/Q) is (— l) s , wherels is the number of homomorphisms K C 
whose image is not contained in M.. 

(b) (Stickelberger's theorem) disc(C^/Z) = or 1 mod 4. 

PROOF, (a) Let K = Q[ot], and let ot\ = a, ai, a r be the real conjugates of a and a r +\, 
a r +i, .,.,a r + s ,a r + s the complex conjugates. Then 

sign(D(l,...,Q! m_1 )) = sign^ i< . <j (a,. + i -a r+i )\ 

because the other terms are either squares of real numbers or occur in conjugate pairs, and 
this equals (— l) s . 

(b) Recall that disc(0^/Z) = det(a,ay) 2 , where a\,...,a m is an integral basis. Let P 
be the sum of the terms in the expansion of det(a, a 7 ) corresponding to even permutations, 
and —N the sum of the terms corresponding to odd permutations. Then 

disc(C^/Z) = (P - N) 2 = (P + N) 2 - APN. 

If t is an element of the Galois group of the Galois closure of K over Q, then either zP = P 
and r./V = N, or zP = N and tA^ = P. In either case, r fixes P + N and PN, and so they 
are rational numbers. As they are integral over Z, they must in fact be integers, from which 
it follows that 

disc(0^/Z) = (P + N) 2 = Oor 1 mod 4. n 

Example 2.41 Consider the field Q[V^]> where m is a square-free integer. 

Case m = 2,3 mod 4. Here D(l, *Jm) = disc(X 2 —m) = Am, and so Stickelberger's 
theorem shows that disc(0^/Z) = Am, and hence {1, ~Jm} is an integral basis. 

Case m = 1 mod 4. The element (1 + x /m)/2 is integral because it is a root of X 2 — 
X + (l-m)/4. As D(l,(l + y/m)/2) = m, we see that {1,(1 + Jm)/2} is an integral 
basis. 

Remark 2.42 Let K and K' be number fields. If K and K' are isomorphic, then they 
have the same degree and the same discriminant, but the converse statement is false. For 
example, there are four nonisomorphic cubic number fields with discriminant —4027 (4027 
is prime). See (3.48) and (3.49) for two of them. 

The curious may wonder why we didn't give an example of a field generated over Q by 
an integral element whose minimum polynomial has discriminant ± 1 . The reason is that 
there is no such polynomial of degree > 1 — see (4.10). In fact, the smallest discriminant 
is 3, which occurs for Q[v — 3]. 
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Algorithms for finding the ring of integers 

By an algorithm I mean a procedure that could (in principle) be put on a computer and is 
guaranteed to lead to the answer in a finite number of steps. Suppose the input requires 
N digits to express it. A good algorithm is one whose running time is < N c for some 
c. For example, there is no known good algorithm for factoring an integer. By a practical 
algorithm I mean one that has been (or should have been) put on a computer, and is actually 
useful. 

The following variant of (2.29) is useful. Let A be a principal ideal domain with field 
of fractions K, and let B be the integral closure of A in a finite separable extension L of K 
of degree m . 

Proposition 2.43 Let fii,...,fi m be a basis for L over K consisting of elements of B, 
and let d = disc(/?i, ...,/3 m ). Then 

A-B l + ... + A-p m cBcA-(B 1 /d) + ... + A-(p m /d). 
Proof. Let fi e B, and write 

= Xifii H VXmfim, Xi e K. 

Let o\,...,cr m be the distinct ^-embeddings of L into some large Galois extension Q of 
K. On applying the a's to this equation, we obtain a system of linear equations: 

(TiP = xxOifii +x 2 Oip2-\ hx ra ffij8 m , i = l,...,m. 

Hence by Cramer's rule 

Xi = Yi/8 

where 8 = det(a/j8/) and y ; - is the determinant of the same matrix, but with the 2 th column 
replaced with (ojfi). From (2.34), we know that 8 2 = d. Thus x, = y\8jd, and y/5 is 
an element of K (because it equals dxi) and is integral over A. Therefore yi8 e A, which 
completes the proof. □ 

Thus there is the following algorithm for finding the ring of integers in a number field 
K. Write K = Q[a] where a is integral over Q. Compute d = disc(l,a, ...,a m_1 ). Then 

Z[a] cO K C d~ l Z[a]. 

Note that (d~ 1 Z[a]:Z[a]) = d m , which is huge but finite. Each coset ft + Z[a], ft e 
d~ x 7L\a\, consists entirely of algebraic integers or contains no algebraic integer. Find a 
set of representatives j3\,,,.,B n for Z[a] in d~ l ls[a], and test each to see whether it is in- 
tegral over Z (the coefficients of its minimum polynomial will have denominators bounded 
by a power of d, and so it is possible to tell whether or not they are integers by computing 
them with sufficient accuracy). 2 

Unfortunately this method is not practical. For example, 

f(X) = X 5 + 17X 4 + 3X 3 + 2X 2 + X + 1 

2 If you know the ring of integers of a field, it is easy to find the discriminant. Conversely, if you know the 
discriminant, this will help in finding the ring of integers; for example, you may get lucky and find an a such 
that the discriminant of Z[a] over Z is equal to the discriminant of Or. 
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is irreducible, and has discriminant 285401001. Hence, if a is a root of f(X) and K = 
Q[a], then the index of Z[a] in + + ■ • • + Z^ is (285401001) 5 . Actually, as luck 
would have it, 285401001 = 3 - 179-233-2281 is square-free, and so O k = %[<*]. 

Note that PARI can compute the minimum polynomial of an algebraic number. For 
example, let a = y/ 1 + V7. We first type "a=sqrtn(l+sqrt (7) ,3)" in PARI, which 
reports that a=\. 539084083333266359084139071. Now "algdep(a,6)" asks PARI for a 
minimum polynomial for a of degree at most 6, which (correctly) reports it to be 

X 6 -2X 3 -6 = (X 3 - I) 2 -7. 

Unfortunately, of course, PARI will find a "minimum polynomial" for a even when a is 
transcendental. 

I now discuss a practical algorithm for finding Ok for small degrees and small discrim- 
inants from Pohst and Zassenhaus 1989 (see also Cohen 1993, 6.1). The basic strategy is to 
start with a known order 7L\a\ in Ok and enlarge it for every prime p such that p 2 divides 
the discriminant of disc (1, a, . . . ,a m_1 ) until a maximal order is obtained. 

The next result will help us get an idea of what should be possible. 

Lemma 2.44 Let (A, 8) be Euclidean domain, and let M be an mxm matrix with coef- 
ficients in A. Then it is possible to put M into upper triangular form by elementary row 
operations of the following type: 

(rl) add a multiple of one row to a second; 
(r2) swap two rows. 

PROOF. By definition 8: A Z is a function with the following property: for any two 
elements a , b of A with a ^ 0, there exist elements q and r such that 

b = qa + r, with r = or 8{r) < 8(a). 

Apply an operation of type (r2) so that the element of the first column with the minimum 8 is 
in the (1, Imposition. If an divides all elements in the first column, we can use operations 
of type (rl) to make all the remaining elements of the first column zero. If not, we can use 
(rl) to get an element in the first column that has smaller <5-value than an, and put that 
in the (1,1) position. Repeat — eventually, we will have the gcd of the original elements 
in the first column in the (1,1) position and zeros elsewhere. Then move onto the next 
column □ 

Remark 2.45 (a) The operations (rl) and (r2) are invertible in matrices with coefficients 
in A, and they correspond to multiplying on the left with an invertible matrix in M„(A). 
Hence we have shown that there exists an invertible matrix U in M n (A) such that UM is 
upper triangular. On taking transposes, we find that for every matrix M e M n (A), there is 
an invertible matrix U in M n (A) such that MU is lower triangular, 
(b) Take A = Z (for simplicity), and add the (invertible) operation: 

(r3) multiply a row by — 1 . 

Using (rl,r2,r3), it is possible to make the triangular matrix T = UM satisfy the fol- 
lowing conditions (assuming det(M) ^ 0): 
an > for all i; 

the elements aij of the y'th column satisfy < ajj < ajj. 
Then T is unique. It is called the Hermite normal form of A. 
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Consider the field K = Q[a] generated over Q by the algebraic integer a with minimum 
polynomial f(X). Let {co\, ...,co n } be abasis for Ok as a Z-module, and write 

A = M-Q 

where A = (I, a, ...,a n ~ v ) tv and Q = (a>i, ...,0) n ) tr . Choose U so that MU is lower trian- 
gular (and in Hermite normal form), and write 

A = MIJ -V~ X Q = T ■ Q' . 

Here Q' = U~ l Q is again a Z-basis for Ok, and Q' = T^ 1 - A with T~ l also lower 
triangular (but not necessarily with integer coefficients). Thus 
<Wj = a 1 1 1 ; 

a>2 = ^21 1 +^22^; 
etc., 

where d-a u eZ,d = |det(M)| = |det(r)|. 

Example 2.46 Let K = Q[^/m\, m square-free, m = 1 (mod 4). The integral basis 

1 + sfm 
' 2 

is of the above form. 

In Pohst and Zassenhaus 1989, 4.6, there is an algorithm that, starting from a monic 
irreducible polynomial 

f(X) = X n +a 1 X n - 1 + --- + a n , a„eZ, 
constructs an integral basis co\, ...,(O n , such that 

m = (j2a ik a'^j /Ni 

where 

a is a root of f(X), e Z, iV,- e Z, gcd(a,i, ...,«,,) = 1. 
In an Appendix, they use it to show that Q[a], where a is a root of 

f(X) = X u + 101X 10 + 4151X 9 + ----332150625, 

has an integral basis 
0)1 = 1, 

a) 2 = (l/2)a + l/2 
co 3 = (l/4)a 2 -l/4 

0) 4 = (l/8)a 3 + (l/8)a 2 -(l/8)a-l/8 

Wll = ( 1 /9 103145472000)a 10 + ■■■-4064571/49948672. 

The discriminant of / is 2 130 x 3 12 x 5 12 x 29 18 x 82231 6 , and the index of Z[a] in O k 
is 2 56 x 3 6 x5 3 x29 9 . 
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The first step is to compute Z)(l,a,a 2 , . . .) = disc(/ (X)) and to find its square factors. 
Finding the square factors of disc(/ (X)) is the most time-consuming part of the algorithm. 
The time taken to factor an N -digit number is exponential in the number of digits of N. 
Every computer can factor a 50 digit number easily, but after that it becomes rapidly more 
difficult. Hundred digit numbers are already difficult. Thus this is not a good algorithm in 
the above sense. Once one has found the square factors of disc(/(X)) the algorithm for 
computing an integral basis of the above form is good. 

USING PARI 

To determine whether a polynomial / is irreducible, use polisirreducible (f ). For 
example, polisirreducible (X~5+17*X~4+3*X~3+2*X~2+X+1) returns 1, which means 
that X 5 + 17X 4 + 3X 3 + 2X 2 + X + 1 is irreducible, and polisirreducible (X~2-l) 
returns 0, which means that X 2 — 1 is reducible. 

To find the discriminant of a polynomial /, use poldisc (f ) . For example, 
poldisc(X~5+17*X~4+3*X~3+2*X-2+X+l) returns 285401001, and poldisc (X~2+3) 
returns -12. 

To study the stem field of a polynomial /, use nfinit(f). For example, 
nf init(X"5-5*X"3+4*X-l) returns 
[X~5 - 5*X~3 + 4*X - 1, [5, 0], 38569, . . .] 

which means that X 5 — 5X 3 + 4X — 1 has 5 real roots and no nonreal roots and that its stem 
field Q[a] has discriminant 38569. Moreover, typing 
nf basis (X~5-5*X~3+4*X-1) returns 
[1, X, X"2, X"3, X~4], 

which means that [l,a,a 2 ,a 3 ,a 4 } is an integral basis for Q [a] (cf. p41). 

On the other hand, typing 
nf init(X~2+3) returns 
[X~2 + 3, [0, 1] , -3, . . .] 

which means that, X 2 + 3 has no real roots and one conjugate pair of complex roots, and 



For Dedekind's polynomial in (2.38), PARI says that it has one real root and one conju- 
gate pair of nonreal roots, and that its stem field has discriminant —503. It finds the integral 



as predicted by Equation 7, p39. 

NOTES As noted earlier, it was Dedekind who found the correct definition of the ring of integers 
in a number fields. Earlier authors either luckily chose the correct ring, e.g., Kummer chose Z[£], 
£ n = 1, which is the ring of integers in Q[£], or unluckily chose the wrong ring, e.g., Euler gave a 
proof of Fermat's last theorem for the exponent 3, which becomes correct when the ring Z[V^3] is 
replaced in the proof by its integral closure Z[£], £ 3 = 1. 




basis {I, a, \ol 2 + \u}. Note that 



Z[or] = Z[l,a,a 2 + a], 



and that 
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Exercises 

2-1 Since Z[V5] is not integrally closed, it can not be a unique factorization domain. 
Give an example of an element of Z[V5] that has two distinct factorizations into irreducible 
elements. 

2-2 Let A be an integrally closed ring, and let K be its field of fractions. Let f (X) e A[X] 
be a monic polynomial. If / (X) is reducible in K[X], show that it is reducible in A[X]. 

2-3 Show that if L/ K is not separable, then disc(L/K) = 0. 

2-4 Let o = (2, 1 + V^) in Z[\/ = 3]. Show that o ^ (2), but a 2 = (2) a. Conclude that 
ideals in Z[V^3] do not factor uniquely into prime ideals. (Hence Z[V^3] is the wrong 
choice for the ring of integers in Q[V— 3].) 

2-5 Let A be a subring of a ring B, and let /3 be a unit in B. Show that every a e 
A[f3] fl ^4[/3 _1 ] is integral over A. [This has a short solution, but it's not obvious.] 

2-6 Let K = Q[V7, V^IO], and let a be an algebraic integer in K. The following argument 
will show that O k ^ Z[a]. 

(a) Consider the four algebraic integers: 

a x = (1 + V7)(l + ^10); 
a 2 = (1 + V7)(1-VT0); 
a 3 = (1- V7)(l + yi0); 
a 4 = (1-77)0-710). 

Show that all the products a; a/, i ^ j, are divisible by 3 in Ok, but that 3 does not divide 
any power of any a;. [Hint: Show that a" /3 is not an algebraic integer by considering its 
trace: show that Tr(a") = Q^aJ) = 4" (mod 3) in Z[a]; deduce Tr(a") = 1 (mod 3) in Z.] 

(b) Assume now that Ok = Z[a] — we shall derive a contradiction. Let f(X) be the 
minimum polynomial of a over Q. For g(X) e Z[X], let g(X) denote the image of g in 
F3[X], F3 = Z/ (3). Show that g(a) is divisible by 3 in Z[a] if and only if g is divisible by 
fm¥ 3 [X]. 

(c) For each i, 1 < i < 4, let fi be a polynomial in Z[X] such that a ; - = fi(a). Show 
that f\fifj (i 7^ 7) in F3[Z], but that / does not divide f" for any n. Conclude that for 
each i , f has an irreducible factor which does not divide fi but does divide all fj , j ^ i . 

(d) This shows that / has at least four distinct irreducible factors over F3. On the other 
hand, / has degree at most 4. Why is this a contradiction? 



Chapter 



Dedekind Domains; Factorization 



Es steht schon bei Dedekind. 
(It's already in Dedekind.) 
Emmy Noether 

In this Chapter, we define the notion of a Dedekind domain, and prove that 

o ideals in Dedekind domains factor uniquely into products of prime ideals, and 
o rings of integers in number fields are Dedekind domains, 

but first we consider a local version of a Dedekind domain. 

Discrete valuation rings 

The following conditions on a principal ideal domain are equivalent: 

(a) A has exactly one nonzero prime ideal; 

(b) up to associates, A has exactly one prime element; 

(c) A is local and is not a field. 

A ring satisfying these conditions is called a discrete valuation ring. Later we shall define 
discrete valuations, and so justify the name. 

def 

Example 3.1 The ring Z( p ) = {™ e Q | n not divisible by p} is a discrete valuation ring 
with (p) as its unique nonzero prime ideal. The units in Z( p ) are the nonzero elements m/n 
with neither m nor n divisible by p, and the prime elements are those of the form unitx p. 

In a discrete valuation ring A with prime element n, nonzero elements of A can be 
expressed uniquely as un m with u a unit and m > (and m > unless the element is a 
unit). Every nonzero ideal in A is of the form (n m ) for a unique m e N. Thus, if a is an 
ideal in A and p denotes the (unique) maximal ideal of A, then a = p m for a well-defined 
integer m > 0. 

Recall that, for an ^-module M and an m e M, the annihilator of m 

Ann(m) = {a e A \ am = 0}. 

It is an ideal in A, which is proper if m ^ 0. Suppose that A is a discrete valuation ring, 
and let c be a nonzero element of A. Let M = A/(c). What is the annihilator of a nonzero 
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element b + (c) of Ml Fix a prime element it of A, and let c = uit m , b = viz" with u and 
t> units. Then n <m (else 6 + (c) = in M), and 

Ann(6 + (c)) = (7r m -"). 

Thus, a 6 for which kxm{b + (c)) is maximal, is of the form vit m ~ l , and for this choice 
ksm(b + (c)) is a prime ideal generated by |. We shall exploit these observations in the 
proof of the next proposition, which gives a criterion for a ring to be a discrete valuation 
ring. 

Proposition 3.2 An integral domain A is a discrete valuation ring if and only if 

(a) A is Noetherian, 

(b) A is integrally closed, and 

(c) A has exactly one nonzero prime ideal. 

PROOF. The necessity of the three conditions is obvious, and so let A be an integral domain 
satisfying (a), (b), and (c). We have to show that every ideal in A is principal. As a first 
step, we prove that the nonzero prime ideal is principal. Note that (c) implies that A is a 
local ring. 

def 

Choose an element c e A, c ^ 0, c ^ unit, and consider the ^4-module M = A/{c). For 
each nonzero element m of M , 

Ann(m) = {a e A \ am = 0} 

is a proper ideal in A. Because A is Noetherian, we can choose an m so that Ann(m) is 
maximal among these ideals. Write m = b + (c) and p = Ann(& + (c)). Note that c e p, 
and so p ^ 0, and that 

p = {a e A | c\ab}. 

I claim that p is prime. If not there exist elements x, y e A such that xy e p but neither 
x nor yep. Then yb + (c) is a nonzero element of M because y p. Consider Ann(yb + 
(c)). Obviously it contains p and it contains x, but this contradicts the maximality of p 
among ideals of the form Ann(m). Hence p is prime. 

I claim that | ^ A. Otherwise b = c • | e (c), and m = (in M). 

I claim that ^ £ A, and p = (|). By definition, pb C (c), and so p • | C A, and it is an 
ideal in A. If p ■ * C p, then * is integral over A (by 2.4, since p is finitely generated), and 
so ^ e A (because of condition (b)), but we know * ^ A. Thus p-^ = A (by (c)), and this 
implies that p = (|). 

Let n — |, so that p = (n). Let a be a proper ideal of A, and consider the sequence 

a C an~ l C an~ 2 C ••• . 

If an~ r = an~ r ~ x for some r, then tt -1 (cur - '") = an~ r , and 7r _1 is integral over A (by 
2.4), and so lies in A — this is impossible {it is not a unit in A). Therefore the sequence 
is strictly increasing, and (again because A is Noetherian) it can't be contained in A. Let 
m be the smallest integer such that ait~ m C A but ait~ m ~ l ^ A. Then ait~ m (f- p, and so 
ait~ m = A. Hencea=(0. □ 
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Dedekind domains 

Definition 3.3 A Dedekind domain is an integral domain A such that 

(a) A is Noetherian, 

(b) A is integrally closed, and 

(c) every nonzero prime ideal is maximal. 

Thus Proposition 3.2 says that a local integral domain is a Dedekind domain if and only 
if it is a discrete valuation ring. 

Proposition 3.4 Let A be a Dedekind domain, and let S be a multiplicative subset of A. 
Then S _1 A is a Dedekind domain. 

PROOF. Condition (c) says that there is no containment relation between nonzero prime 
ideals of A. If this condition holds for A, then (1.12) shows that it holds for S~ l A. Condi- 
tions (a) and (b) follow from the next lemma. □ 

Proposition 3.5 Let A be an integral domain, and let S be a multiplicative subset of A. 

(a) If A is Noetherian, then so also is S~ } A. 

(b) If A is integrally closed, then so also is S _1 A. 

Proof, (a) Let a be an ideal in S~ l A. Then a = 5 _1 (an A) (see 1.11), and so a is 
generated by every (finite) set of generators for a D A. 

(b) Let a be an element of the field of fractions of A (= field of fractions of S -1 A) that 
is integral over S~ l A. Then 

a m +aia m ~ l H Ya m = 0, some a\ e S _1 A. 

For each i, there exists an Si e S such that e A. Set s = Si ■■■s m e S, and multiply 
through the equation by s m : 

(sa) m + sa l (sa) m - 1 + — + s m a m = 0. 

This equation shows that sa is integral over A, and so lies in A. Hence a = (sa)/s € 
S~ l A. □ 

Proposition 3.6 A noetherian integral domain A is a Dedekind domain if and only if, 
for every nonzero prime ideal p in A, the localization A p is a discrete valuation ring. 
PROOF. =>■: We saw in (1.13a) that A p is local, and the proposition implies that it is 
Dedekind. 

•<=: We have to show that A is integrally closed. Let x be an element of the field of 
fractions of A that is integral over A, and let o be the set of elements a of A such that 
ax e A. For each nonzero prime ideal p in A, x e A p , and so there exists an s e A \ p such 
that sx € A. Now a is an ideal not contained in any maximal ideal of A, and so a = A. In 
particular, lea. □ 

According to the above definition, a field is a Dedekind domain. In future, we shall 
exclude fields from being Dedekind domains (conventions vary). 

Notes It's not possible to drop "noetherian" from (3.6): there exist nonnoetherian integral domains 
A such that A p is a discrete valuation ring for all nonzero p. However, a commutative ring A such 
that ^4 m is noetherian for all maximal ideals m is itself noetherian if every nonzero element of A is 
contained in only finitely many maximal ideals (mol 14715). 
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Unique factorization of ideals 

The main result concerning Dedekind domains is the following. 



Theorem 3.7 Let A be a Dedekind domain, 
written in the form 

with the pi distinct prime ideals and the r\ > 0; 
The proof will require several lemmas. 



Every proper nonzero ideal a of A can be 



the pi and the r; are uniquely determined. 



Lemma 3.8 Let A be a Noetherian ring; then every ideal a in A contains a product of 
nonzero prime ideals. 

PROOF. (Note the similarity to the proof of 1.4.) Suppose not, and choose a maximal 
counterexample a. Then a itself can not be prime, and so there exist elements x and y of A 
such that xy e a but neither x nor yea. The ideals a + (x) and a + (y) strictly contain o, 
but their product is contained in a. Because a is a maximal counterexample to the statement 
of the lemma, each of a + (x) and a + (y) contains a product of prime ideals, and it follows 
that a contains a product of prime ideals. □ 

Lemma 3.9 Let A be a ring, and let o and b be relatively prime ideals in A; for any m, 
n e N, a m and b" are relatively prime. 

PROOF. If a m and b n are not relatively prime, then they are both contained in some prime 
(even maximal) ideal p. But if a prime ideal contains a power of an element, then it contains 
the element, and so p D a m p D a and p D b n =>• p D b. Thus a and b are both contained 
in p, which contradicts the hypothesis. 

Alternative proof: We are given that there exist elements a e A and b e B such that 
a + b = 1 . Consider 

1 = (a + b) r = a r + Qa r ~ l b + -- + b r . 

If r > m + n, then the term on the right is the sum of an element of a m with an element of 
b". 

If p and p' are distinct prime ideals of a Dedekind domain, then condition (c) of the 
definition implies that p and p' are relatively prime, and the lemma shows that p m and p' n 
are also relatively prime for all m , n > I. 

Lemma 3.10 Let p be a maximal ideal of a ring A, and let q be the ideal it generates in 
Ap, a = p^4 p . The map 

a + p m a + a m :A/p m -> A p /q m 

is an isomorphism. 

PROOF. We first show that the map is one-to-one. For this we have to show that q m n A = 
p m . But q m = S~ x p m , S = A - p, and so we have to show that p m = (S~ 1 p m ) n A. An 
element of (S -1 p m ) n A can be written a = b/s with b e p m , s e S, and a € A. Then 
sa E p m , and so sa = in A/p m . The only maximal ideal containing p m is p (because 
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m D p m =>• m D p), and so the only maximal ideal in A/p m is p/p m ; in particular, ^4/p m is 
a local ring. As s + p m is not in p/p m , it is a unit in A/p m , and so sa — in A/p m =>■ a = 
in ^/p m , i.e., a e p™. 

We now prove that the map is surjective. Let - € A p . Because s p and p is maximal, 
we have that (s) + p = A, i.e., (s) and p are relatively prime. Therefore (s) and p m are 
relatively prime, and so there exist b e A and q €p m such that bs + q = 1. Then ft maps to 
s _1 in ^4p/q m and so ba maps to |. More precisely: because s is invertible in A p /q m , | is 
the unique element of this ring such that Sj = a; since s(ba) = a(l — g), the image of fta 
in j4 p also has this property and therefore equals | . □ 

Remark 3.11 With the notations of Proposition 1 . 1 1 , we have shown in the above proof 
that a ec = a if a is a power of a maximal ideal p and S = S x p. 

We now prove that a nonzero ideal a of A can be factored into a product of prime ideals. 
According to 3.8 applied to A, the ideal a contains a product of nonzero prime ideals, 

b = p?-p%. 

We may suppose that the p/ are distinct. Then 

A/b ~ A/p[ l x ••• x A/p r ™ ~ A Pi /q? x •• • x A p Jq% 

where q,- = piA Pi is the maximal ideal of A Pi . The first isomorphism is given by the 
Chinese Remainder Theorem (and 3.9), and the second is given by (3.10). Under this 
isomorphism, a/b corresponds to qj'/qi' x •■■ x q^/q^" for some Sj < r/ (recall that the 
rings A Pi are all discrete valuation rings). Since this ideal is also the image of p j 1 • • • pm 1 
under the isomorphism, we see that 

Both of these ideals contain b, and so this implies that 

in A (because there is a one-to-one correspondence between the ideals of A/b and the ideals 
of A containing b). 

To complete the proof of Theorem 3.7, we have to prove that the above factorization is 
unique. Suppose that we have two factorizations of the ideal a. After adding factors with 
zero exponent, we may suppose that the same primes occur in each factorization, so that 

Px-P% = a = p' 1 1 -p£ 
say. In the course of the above proof, we showed that 

if = aA Pi = q? 
where q,- the maximal ideal in A Pi . Therefore s, = tj for all i. 
Remark 3.12 Note that 

Si > <^=> aA Pi ^ A p . o C p,- . 
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Corollary 3.13 Let a and b be ideals in A; then 

a C b aA p C bA p 

for all nonzero prime ideals p of A. In particular, a = b if and only if aA p — bAp for all p. 
PROOF. The necessity is obvious. For the sufficiency, factor a and b 

« = J>?-P«. b = Pl 1 -p5r. n,s t >0. 

Then 

aA Pi c bA Pi <^=> r ; - > Si, 
(recall that A Vi is a discrete valuation ring) and r ; - > Sj all i implies a C b. □ 

Corollary 3.14 Let A be an integral domain with only finitely many prime ideals; then 
A is a Dedekind domain if and only if it is a principal ideal domain. 

PROOF. Assume A is a Dedekind domain. After (3.7), to show that A is principal, it suffices 
to show that the prime ideals are principal. Let pi,...,p m be these ideals. Choose an 
element x\ e pi — p\. According to the Chinese Remainder Theorem (1.14), there is an 
element x € A such that 

X = X\ modpj, x = l modp,, i ^ 1. 

Now the ideals p i and (x) generate the same ideals in A Vi for all i , and so they are equal in 
A (by 3.13). □ 

Corollary 3.15 Let a D b ^ be two ideals in a Dedekind domain; then a = b + (a) 
for some a e A. 

PROOF. Let b = pj 1 ■■■pm 1 and o = pj 1 ■■■p S m with ri,sj > 0. Because b C o, Sj < n for 

S ' S I 1 

all i. For 1 < i < m, choose an jc/ e A such that x\ € p-', xi £ p t ' . By the Chinese 
Remainder Theorem, there is an a e A such that 

a = xi mod p.' , for all i . 

Now one sees that b + (a) — a by looking at the ideals they generate in A p for all p. □ 

Corollary 3.16 Let a be an ideal in a Dedekind domain, and let a be any nonzero 
element of a; then there exists ab e a such that o = (a,b). 

Proof. Apply (3.15) to a D (a). □ 

Corollary 3.17 Let a be a nonzero ideal in a Dedekind domain; then there exists a 
nonzero ideal a* in A such that oa* is principal. Moreover, a* can be chosen to be relatively 
prime to any particular ideal c, and it can be chosen so that aa* = (a) with a any particular 
element of a (but not both). 
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Proof. Let a e a, a ^ 0; then a Z> (a), and so we have 

(a) = P?-Pm w anda = pf ...p*», s/ <r/. 

If a* = pi 1 "' 1 ---p^ , "' m ,then ao* = (a). 

We now show that a* can be chosen to be prime to c. We have o D ac, and so (by 3.15) 
there exists an a 6 a such that o = ac + (a). As a D (a), we have (a) = a- a* for some ideal 
o* (by the above argument); now, ac + aa* = a, and so c + a* = A. (Otherwise c + a* C p 
some prime ideal, and ac + aa* = a(c + a*) C ap ^ a.) □ 

In basic graduate algebra courses, it is shown that 

A a principal ideal domain =>■ A is a unique factorization domain. 

The converse is false because, for example, k[X, Y] is a unique factorization domain in 
which the ideal (X, Y) is not principal, but it is true for Dedekind domains. 

PROPOSITION 3.18 A Dedekind domain that is a unique factorization domain is a principal 
ideal domain. 

PROOF. In a unique factorization domain, an irreducible element n can divide a product 
be only if n divides b or c (write be = nq and express each of b, c, and q as a product of 
irreducible elements). This means that (n) is a prime ideal. 

Now let A be a Dedekind domain with unique factorization. It suffices to show that each 
nonzero prime ideal p of A is principal. Let a be a nonzero element of p. Then a factors 
into a product of irreducible elements (see 1 .4) and, because p is prime, it will contain one 
of these irreducible factors n. Now p D (jt) D (0), and, because (jt) is a nonzero prime 
ideal, it is maximal, and so equals p. □ 

The ideal class group 

Let A be a Dedekind domain. A fractional ideal of A is a nonzero ^4-submodule a of A' 
such that 

da = {da \ a e a} 

is contained in A for some nonzero d e A (or K), i.e., it is a nonzero A-submodule of K 
whose elements have a common denominator. Note that a fractional ideal is not an ideal 
unless it is contained in A — when necessary to avoid confusion, we refer to the ideals in 
A as integral ideals. 

A fractional ideal a is a finitely generated A-module, because da is an integral ideal, 
hence finitely generated, for some d ^ 0, and the map XM>-Jx:a— >-Jaisan isomorphism 
of A-modules. Conversely, a nonzero finitely generated ^4-submodule of K is a fractional 
ideal, because a common denominator for the generators will be a common denominator 
for all the elements of the module. 

Every nonzero element b of K defines a fractional ideal 

(b) = bA = {ba \ a e A}. 

A fractional ideal of this type is said to be principal. 

The product of two fractional ideals is defined in the same way as for (integral) ideals 

a-b = {J2aibi \at e a, bi€b}. 
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This is again a fractional ideal: it is obviously an ^4-module, and if da C A and eb C A, 
then deab C A. For principal fractional ideals, (a)(b) = (ab). 

Example 3.19 Let A be a discrete valuation ring with maximal ideal p and field of frac- 
tions K. Write n for a generator of p. Every nonzero element of K can be written uniquely 
in the form a = un m with u a unit in A and meZ. Let a be a fractional ideal of A. Then 
da C A for some d e A, and we can suppose d = Jt n . Thus n n a is an ideal in ^4, and so it 
is of the form (jz m ) for some m > 0. Clearly, a = (n m ~ n ). Thus the fractional ideals of ^4 
are of the form (n m ), m e Z. They form a free abelian group Id(^4) of rank 1, and the map 

m^(jz m ):Z^ld(A) 

is an isomorphism. 



THEOREM 3.20 Let Abe a Dedekind domain. The set Id(A ) of fractional ideals is a group; 
in fact, it is the free abelian group on the set of prime ideals. 

PROOF. We have noted that the law of composition is well-defined. It is obviously com- 
mutative. For associativity, one checks that 

(ab)c = j^fl,Z?,-c,- | a, e a, bi e b, ci e cj = a(bc). 

The ring A plays the role of an identity element: aA = a. In order to show that Id(^4) is a 
group, it remains to show that inverses exist. 

Let a be a nonzero integral ideal. According to (3.17), there is an ideal o* and an a € A 
such that aa* = (a). Clearly a - (a~ l a*) = A, and so a -1 a* is an inverse of a. If a is a 
fractional ideal, then Jo is an integral ideal for some d, and d ■ (da) -1 will be an inverse 
for a. 

It remains to show that the group Id(^4) is freely generated by the prime ideals, i.e., 
that each fractional ideal can be expressed in a unique way as a product of powers of prime 
ideals. Let a be a fractional ideal. Then Jo is an integral ideal for some d e A, and we can 
write 

da = p[ 1 ---p%, (d) = p\ l -p%. 

Thus o = pj 1 Sl ••■pm"~ s "'. The uniqueness follows from the uniqueness of the factoriza- 
tion for integral ideals. □ 



Remark 3.21 (a) Conversely, E. Noether showed that an integral domain whose frac- 
tional ideals form a group under ideal multiplication is a Dedekind domain (see Cohn 1991, 
Theorem 4.6). 

(b) Let S be a multiplicative subset in a Dedekind domain A, and let ^4^ = 5 _1 ^4. It is 
an integral domain with the same field of fractions as A: 

AcAsCK. 

For any fractional ideal oof^4, 5 ,_1 o = {| | a € a, s € S}isa fractional ideal of As- It is 
the As -module generated by a. The following hold for all fractional ideals o and b, 



S~ l (ab) = (5 _1 o)(5 _1 b), 5 _1 o _1 = (aAs)' 1 ■ 
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(c) Here is a more direct proof, not using (3.17), that inverses exist in Id(^4). For any 
fractional ideal a, define 

a' = {a e K \ aa C A}. 

This is an ^4-module, and if d e a, d ^ 0, then da' C A, and so a' is a fractional ideal. 
From the definition of a', we see that aa' is an ideal in A. If it is not equal to A, then it 
is contained in some prime ideal p. When we pass to Ap, the inclusion aa' C p becomes 
bb' C q, where b, b', and q are the ideals in A v generated by a, a', and p. Moreover, 

b' = {a e K \ ab C A v }. 

But q = (n), and b = {n m ) = n m ■ A p for some m e Z. Clearly b' = jr~ m A p , and so 
bb' = Ap — we have a contradiction. 

We define the ideal class group Cl(A) of A to be the quotient Cl(^4) = ld(A)/P(A) of 
Id(A) by the subgroup of principal ideals. The class number of A is the order of Cl(^4) 
(when finite). In the case that A is the ring of integers Ok in a number field K, we often 
refer to Cl(O^) as the ideal class group of K, and its order as the class number of K. 

One of the main theorems of these notes will be that the class number hx of a number 
field K is finite. Understanding how the class numbers of number fields vary remains an 
interesting problem. For example, the class number of Q[y/—m] for m positive and square- 
free is 1 if and only if m = 1,2,3,7, 11, 19, 43,67, 163. It not difficult to show that these 
fields have class number 1, but it was not until 1954 that it was shown (by Heegner) that 
there were no more (and for more than 15 years, no one believed Heegner's proof to be 
correct). We have seen that Z[V— 5] is not a principal ideal domain, and so can't have class 
number 1 — in fact it has class number 2. The method we use to prove that the class number 
is finite is effective: it provides an algorithm for computing it. There are expected to be an 
infinite number of real quadratic fields with class number one, but this has not been proved. 
Using the equivalent language of binary quadratic forms (see Chapter 4), Gauss showed 
that the class group of a quadratic field Q[Vd] can have arbitrarily many cyclic factors of 
even order. 

It is known that every abelian group can be realized as the class group of a Dedekind 
domain (not necessarily the ring of integers in a number field). 1 

Example 3.22 Consider the affrne elliptic curve 

Y 2 = X 3 + aX + b, A = -4a 3 -27b 2 ^ 0. 

The associated ring A = C[X, Y]/ (Y 2 — X 3 — aX — b) of regular functions on A is a 
Dedekind domain, and its class group is uncountable. In fact, it is isomorphic in a nat- 
ural way to C/ A for some lattice A in C. 2 

Proposition 3.23 Let A be a Dedekind domain, and let S be a multiplicative set in A. 
Then oh^ 5 _1 a defines an isomorphism from the subgroup ofld(A) generated by prime 
ideals not meeting S to the group Id(5' _1 ^4). 

'Claborn, Luther. Every abelian group is a class group. Pacific J. Math. 18 1966 219-222. 

2 Let E be the associated complete curve, and let Div (£) be the group of divisors of degree zero on E. 
There is an obvious isomorphism Div°(£) ~ Id(^4) under which principal divisors correspond to principal 
ideals, and so 

Cl(A) ~ Pic°(£) ~ E(C) ~ C/A 

(Milne 2006,14.10, III 3.10). 
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PROOF. Immediate consequence of 1.12 and 3.20. □ 

Remark 3.24 Let A be a Dedekind domain with finite ideal class group. There is then a 
finite set of ideals oi , a m which is a set of representatives for the ideal classes. Clearly we 
may take the 0/ to be integral. Let b be any element in f] o,- , and let S be the multiplicative 
set generated by b, S = {I, b,b 2 ,...}. I claim that S~ X A is a principal ideal domain. 

By assumption, every ideal a C A can be written a = (a) ■ a, for some a e K x and i, 
1 < /' < m. Because the map b 5 _1 b is a homomorphism we have 5 _1 a = (a) ■ S -1 a; 
where (a) now denotes the ideal generated by a in S~ l A. Since S _1 a,- contains a unit, it is 
the whole ring. Thus 5 _1 a = (a), and we see that every ideal in S~ l A of the form S~ 1 a 
is principal. According to (1.11), all ideals of S~ l A are of this form. 

Remark 3.25 The following conditions on an integral domain A are equivalent: 

(a) A is a Dedekind domain; 

(b) for every prime ideal p of A, Ap is a discrete valuation ring; 

(c) the fractional ideals of A form a group; 

(d) for every fractional ideal o of A, there is an ideal b such that ab = A. 

We have seen that (a) implies (b) , (c), and (d), and the same arguments show that 
(b) implies (c) and (d). The conditions (c) and (d) are obviously equivalent, and we have 
already noted in (3.21) that (c) implies (a). 

Discrete valuations 

Let A' be a field. A discrete valuation on K is a nonzero homomorphism v:K x such 
that v(a + b) > min(v(a), v(b)). As v is not the zero homomorphism, its image is a nonzero 
subgroup of Z, and is therefore of the form m7L for some m e Z. If m = 1, then v: K x — >• Z 
is surjective, and v is said to be normalized; otherwise, x m> m~ J ■ v (x) will be a normalized 
discrete valuation. 

Note that, for a discrete valuation ord, 

ord(ai H Va m ) > min(ord(fli),ord(fl2 H \-a m )) >■■■> min (ord(a,)). (8) 

l<i<m 

Example 3.26 (a) Let M. be the field of meromorphic functions on a connected open 
subset U of the complex plane (or, better, a compact Riemann surface), and let / € Ai x . 
For each P 6 U, define ordp(/) to be —m, m, or according as / has a pole of order m 
at P , a zero of order m at or neither a pole nor a zero at P. Then ord/> is a normalized 
discrete valuation on Ai. 

(b) Let A be a principal ideal domain with field of fractions K, and let n be a prime 
element of A. Then each element c of K x can be expressed uniquely in the form c = n m £ 
with meZ and a and b elements of A relatively prime to n. Define v(c) = m. Then v is a 
normalized discrete valuation on K. 

(c) Let A be a Dedekind domain and let p be a prime ideal in A. For any c e K x , let 
pu(c) b e t h e p Qwer f p j n the factorization of (c). Then v is a normalized discrete valuation 
on K. 
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In all these examples, we have that via + b) = v(b) if v(a) > v(b). This is in fact a 
general property of discrete valuations. First note that v(%) = for any element of K x of 
finite order because v is a homomorphism and Z has no elements of finite order); hence 
v{—a) = v(— 1) + v(a) = v(a). Therefore, if v(a) > v(b), we have 

v(b) = v(a + b — a)) > mm(v(a + b),v(a)) > min(u(a), v(b)) = v(b), 

and so equality must hold throughout, and this implies v(a + b) = v(b). 

We often use "ord" rather than "v" to denote a discrete valuation; for example, we often 
use ordp to denote the normalized discrete valuation defined by p in (c). 

Example (b) shows that every discrete valuation ring gives rise to a discrete valuation 
on its field of fractions. There is a converse to this statement. 

Proposition 3.27 Let v be a discrete valuation on K, then 

A = {aeK\v(a)>0} 
is a principal ideal domain with maximal ideal 

m = {a € K | v(a) > 0}. 

If v(K x ) = fflZ, then the ideal m is generated by every element n such thatv(n) = m. 
Proof. Routine. □ 

Later we shall see that a discrete valuation ord defines a topology on K for which two 
elements x and y are close if ord(x — y) is large. The Chinese Remainder Theorem can be 
restated as an approximation theorem. 

Proposition 3.28 Letx\,...,x m be elements of aDedekind domain A, and let pi,..., p m 
be distinct prime ideals of A. For every integer n, there is an x e A such that 

ord Pj . (x — Xi ) > n , i = \,2,...,m. 

PROOF. From (3.9) we know that the ideals p" + 1 are relatively prime in pairs, and so (1 . 14) 
provides us with an element x e A such that 

x = xi modp" +1 , z = 1,2, ...,m, 

i.e., such that 

ord p; (x — Xj ) > n , i = \,2, ...,m. n 



Integral closures of Dedekind domains 

We now prove a result that implies that rings of integers in number fields are Dedekind 
domains, and hence that their ideals factor uniquely into products of prime ideals. 

THEOREM 3.29 Let Abe a Dedekind domain with field of fractions K, and let B be the 
integral closure of A in a finite separable extension L of K. Then B is a Dedekind domain. 
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PROOF. We have to check the three conditions in the definition of a Dedekind domain (see 
3.3). We first show that B is Noetherian. In (2.29) we showed that B is contained in a 
finitely generated ^-module. It follows that every ideal in B is finitely generated when 
regarded as an ^4-module (being a submodule of a Noetherian ^4-module) and a fortiori as 
an ideal (= 5-module). Next, B is integrally closed because of (2.16). It remains to prove 
that every nonzero prime ideal q of B is maximal. Let fi e q, ft ^ 0. Then is integral over 
A, and so there is an equation 

P n +a 1 p n ~ 1 + --- + a„ = 0, aieA, 

which we may suppose to have the minimum possible degree. Then a n ^ 0. As a„ e 
f3B Pi A, we have that q D A ^ (0). But q D A is a prime ideal (obviously), and so it is a 
maximal ideal p of A, and A/p is a field. We know B/q is an integral domain, and the map 

a + p h> a + q 

identifies A/p with a subfield of B/q. As B is integral over A, B/q is algebraic over A/p. 
The next lemma shows that B/q is a field, and hence that q is maximal. □ 

Lemma 3.30 Every integral domain B containing a field k and algebraic overk is itself a 
field. 

PROOF. Let /3 be a nonzero element of B — we have to prove that it has an inverse in B. 
Because /3 is algebraic over k, the ring k[/3] is finite-dimensional as a £:-vector space, and 
the map x i->- fix: k[fi] — »• k\fi] is injective (because B is an integral domain). From linear 
algebra we deduce that the map is surjective, and so there is an element B' e k[B] such that 
Pfi' = l. 

In fact, Theorem 3.29 is true without the assumption that L be separable over K — 
see Janusz 1996, I 6.1 for a proof of the more general result. The added difficulty is that, 
without the separability condition, B may fail to be finitely generated as an ^4-module, and 
so the proof that it is Noetherian is more difficult. 

Modules over Dedekind domains (sketch). 

The structure theorem for finitely generated modules over principal ideal domains has an 
interesting extension to modules over Dedekind domains. Throughout this subsection, A is 
a Dedekind domain. 

First, note that a finitely generated torsion-free ^-module M need not be free. For 
example, every fractional ideal is finitely generated and torsion-free but it is free if and only 
if it is principal. Thus the best we can hope for is the following. 

Theorem 3.31 Let A be a Dedekind domain. 

(a) Every finitely generated torsion-free A-module M is isomorphic to a direct sum of 
fractional ideals, 

M%ai©--©o m . 

(b) Two finitely generated torsion-free A-modules M ss ai © ■ ■ ■ © a m and N rs bi © • • • © 
b n are isomorphic if and only if m = n and \\ a, = \\ b, modulo principal ideals. 
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Hence, 

M « oi ©•••©a OT ^©•••© A®a\---<x m . 

Moreover, two fractional ideals a and b of A are isomorphic as ^-modules if and only if 
they define the same element of the class group of A. 

The rank of a module M over an integral domain R is the dimension of K <S>r M 
as a /^-vector space, where K is the field of fractions of R. Clearly the rank of M ss 
ai ■ •■ a m is m. 

These remarks show that the set of isomorphism classes of finitely generated torsion- 
free ^4-modules of rank 1 can be identified with the class group of A. Multiplication 
of elements in Cl(^4) corresponds to the formation of tensor product of modules. The 
Grothendieck group of the category of finitely generated ^4-modules is Cl(^4) Z. 

Theorem 3.32 (Invariant factor theorem) LetM D N be finitely generated torsion- 
free A-modules of the same rank in. Then there exist elements 6\, ...,e m of M , fractional 
ideals a\,...,a m , and integral ideals b\ D bi D ... D b m such that 

M = mei ®---®a m e m , N = a\b\e\ ®---®a m b m e m . 

The ideals b\, b m are uniquely determined by the pair M D N , and are called 

the invariant factors of N in M. 

The last theorem also yields a description of finitely generated torsion ^4-modules. 

For proofs of the above results, see Curtis and Reiner 1962, III, 22, Frohlich and Taylor 
1991, II 4, or Narkiewicz 1990, 1 3. 

Notes We sketch a proof of (3.31a). Let A be a Dedekind domain, and let M be finitely generated 
torsion-free ^4-module. Then A p <g> M is free, hence projective, for every nonzero prime ideal p in 
A (because A p is principal ideal domain), and this implies that M is projective. Therefore there is 
a nonzero homomorphism M — ► A, whose image is an ideal o in A. As a is projective, there exists 
a section to the map M a, and so M % a © M\ for some submodule M\ of M . Now M\ is 
projective because it is a direct summand of a projective module, and so we can repeat the argument 
with Mi . This process ends because M is noetherian. 

NOTES Note that the Jordan-Holder theorem fails for finitely generated projective modules over 
non-principal Dedekind domains. 

Factorization in extensions 

Let A be a Dedekind domain with field of fractions K, and let B be the integral closure of 
A in a finite separable extension L of K. 
A prime ideal p of A will factor in B, 

If any of the numbers is > 1, then we say that p is ramified in B (or L). The number 
e\ is called the ramification index. We say *p divides p (written ^Plp) if *P occurs in the 
factorization of p in B. We then write e(*p/p) for the ramification index and /CP/p) for 
the degree of the field extension A/p] (called the residue class degree). A prime p 

is said to split (or split completely) in L if e, = fi = 1 for all i , and it said to be inert in L 
if pB is a prime ideal (so g = 1 = e). 
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For example, (2) = (1 + i) 2 in Z[z], and so (2) ramifies with ramification index 2. On 
the other hand, (3) is inert in Q[z] with residue field Z[j]/(3) = F9, and (5) splits as the 
product of two prime ideals (5) = (2 + i)(2 — i). 

Lemma 3.33 A prime ideal <p of B divides p if and only ifp — ^nK. 

PROOF. =>•: Clearly p C^C) K and n K ^ A. As p is maximal, this implies that p = 

<=: If p C then pB C and we have seen (3.12) that this implies that ^ occurs in 
the factorization of p B. □ 

THEOREM 3.34 Let m be the degree of L over K, and let ...,9p g be the prime ideals 
dividing p; then 

g 

J>/i=m. (9) 
i = i 

If L is Galois over K, then all the ramification numbers are equal, and all the residue class 
degrees are equal, and so 

efg = m . (10) 
Proof. To prove (9), we shall show that both sides equal [B/pB: A/p]. 

For the equality £f =1 e t f = [B/pB:A/p], note that B/pB = B/ ]"[<£■' ^ U B /¥? 
(Chinese Remainder Theorem), and so it suffices to show that [B/^f : A/p] = e\ f . From 
the definition of f, we know that B/tyi is a field of degree f over A/p. For each r,-, 
V/' + 1 i s a B/*$i -module, and because there is no ideal between *pp and , it 

must have dimension one as a 5/^3/ -vector space, and hence dimension f as an A/p- 
vector space. Therefore each quotient in the chain 

BD^i D?P?D-D«P? 

has dimension _/} over A/p, and so the dimension of B/^ 1 is e z - /J- . 

The proof of the equality [B /pB: A/p] = m is easy when B is a free ^4-module, for 
example, if A is a principal ideal domain, because an isomorphism A n B of ^-modules, 
when tensored with K, gives an isomorphism K" — »• L, which shows that « = m, and, 
when tensored A/p, gives an isomorphism (A/p)" — >■ B/pB (see (3), p23), which shows 
that w = [B/pB:A/p]. 

Now let S be a multiplicative subset of A disjoint from p and such that S~ l A is principal 
(e.g., S = A-p). Write B' = S _1 B and A = S~ l A. ThenpB' = YlWiB'Y 1 (see 3.23), 
and so J2 e ifi = [B'/pB': A'/pA']; but A' is principal, and so [B'/pB': A'/pA'] = m. This 
completes the proof (9). 

Now assume L is Galois over K. An element a of Gal(L//T) maps B isomorphically 
onto itself. In particular, if ^ is a prime ideal of B , then crty is also a prime ideal. Moreover, 
if <p divides p, then it follows from (3.33) that divides p. Clearly e(p<#/p) = e($$/p) 
and / (a*p/p) = / CP/p), and so it remains to show that Gal(L / K) acts transitively on the 
prime ideals of B dividing p. 

Suppose and £3 both divide p, and suppose £2 is not conjugate to i.e., that for all 
o 6 Gal(L/K), crty ^ £2. According to the Chinese Remainder Theorem, we can find an 
element fi lies in 12 but not in any of the ideals o^. Consider b = Nm(/3) = ]~[a/3. Then 
b 6 A, and as fi e £2, it also lies in £2; hence b e £2 fl A = p. On the other hand, for all 
a e Gal (L/ AT), ^ ^ cr _1$ P, and so £ «p. The fact that \]ofi e p C <P contradicts the 
primality of □ 
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The primes that ramify 

In this subsection, we obtain a description of the primes that ramify in an extension. 

THEOREM 3.35 Let L be a finite extension of a number field K, let A be a Dedekind 
domain in K with field of fractions K (e.g., A = Ok), and let B be the integral closure 
of A in L. Assume that B is a free A-module (this is true for example if A is principal 
ideal domain). Then a prime p ramifies in L if and only if p\ disc (B/A). In particular, only 
finitely many prime ideals ramify. 

We obtain this as the consequence of a series of lemmas. 

Lemma 3.36 Let A be a ring and let B be a ring containing A and admitting a finite basis 
{e\, ...,e m } as an A-module. For any ideal a of A, [e\, ...,e m } is a basis for the A / a-module 
B/aB, and 

D(ey,...,e m ) = D(ey,...,e m ) mod a. 
PROOF. As in the proof of (3.34), the isomorphism 

(ai,...,a m ) J2aiei-A m -+ B 

gives, when tensored with A /a, an isomorphism 

(a u ...,a m ) m> Y.a-ier.(A/a) m B/a 

which shows that e\, ...,e m is a basis for B/aB. The second assertion is obvious from the 
definitions. □ 

Lemma 3.37 Let A be a ring and let B\,..., B g be rings containing A and free of finite 
rank as A-modules. Then 

disc((]~[5,)M) = Y[disc(Bi/A). 

PROOF. Choose bases e,- for each of the 5, (as ^4-modules), and compute the discriminant 
of B/A using the basis (J ; - . □ 

An element a of a ring is said to be nilpotent if a m = for some m > 1 . A ring is said 
to be reduced if it has no nonzero nilpotent elements. 

Lemma 3.38 Let k be a perfect field, and let B be a k-algebra of finite dimension. Then 
B is reduced if and only if disc(B / k) ^ 0. 

PROOF. Let /3 be a nilpotent element of B, and choose a basis e\ e m for B with 

e\ = p. Then is nilpotent for all /', and so the A: -linear map 

x h-> Betx: B -> B 

is nilpotent. Its matrix is also nilpotent, but a nilpotent matrix has trace zero — its minimum 
polynomial (and hence its characteristic polynomial) is of the form X r — and so the first 
row of the matrix (Tr(e,-e, )) is zero. Therefore its determinant is zero. 

Conversely, suppose B is reduced. We first show that the intersection 9T of the prime 
ideals of B is zero (this, in fact, is true for every reduced Noetherian ring). Let b € B,b ^ 0. 
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Let E be the set of ideals of B containing no power of b. Because b is not nilpotent, £ 
contains the zero ideal, and hence is nonempty. Because B is Noetherian, S has a maximal 
element p. We shall show that p is prime. Since b p, this will show that b 91. 

Let x,y be elements of B not in p. Then p + (jc) and p + (y) strictly contain p, and so 

b m sp + (x), b n ep + (y) 

for some m,n, say, 

b m = p + cx, b"=p' + c'y, p,p'sp, c,c'sB. 

Then b m+n = pp' + pc'y + p'cx + cc'xy e p + (xy), and so p + (xy) is not in E; in 
particular, p + (xy) ^ p, and xy p. Therefore p is prime ideal, which completes the proof 
that m = 0. 

Let p be a prime ideal of B. Then B/p is an integral domain, algebraic over k, and 
hence is a field (by 3.30). Therefore p is maximal. Let pi,p2> • • • >f>r be prime ideals of 
B. Since they are all maximal, they are relatively prime in pairs. Therefore the Chinese 
remainder theorem shows that 

B/r)pi = YiB/Pi (*). 

Note that 

[B:k]>[B/npi-k} = UB/Pi:k]>r. 

Therefore B has only finitely many prime ideals, say pi,...,p g where g < and 
P)p; = 0. When we take r = g in (*) we find that 

B = Y\l l B/p i . 

For each i, B/pj is a field, and it is a finite extension of k. Because k is perfect, it is even 
a separable extension of k. Now we can apply (2.26) to deduce that disc((B/p,)/A:) 7^ 0, 
and we can apply the preceding lemma to deduce that disc (5/ k) 7^ 0. □ 

We now prove the theorem. From the first lemma, we see that 

disc(B/^) mod p = disc((B/pB)/(A/p)), 

and from the last lemma that disc((5/pS)/(^4/p)) = if and only B/pB is not reduced. 
Let pB = n^-' ■ Then B/pB ~ f\B/^ e ' , and 

Y\ B /^ e ' is reduced <^=> each B/^ e ' is reduced <^=> eache,- = l. 

Remark 3.39 (a) In fact there is a precise, but complicated, relation between the power 
of p dividing disc (B / A) and the extent to which p ramifies in B. It implies for example 
that ordp(disc(5/^4)) > J2fi( e i ~ 1)> an ^ tnat equality holds if no a is divisible by the 
characteristic of A /p. See Serre 1962, III 6. 

(b) Let A be the ring of integers in a number field K, and let B be the integral closure 
of A in a finite extension L of K. It is possible to define disc(B/^4) as an ideal without 
assuming B to be a free ^4-module. Let p be an ideal in A, and let S = A — p. Then 
S~ l A = Ap is principal, and so we can define disc(5' _1 S/5' _1 ^4). It is a power (p^p)'"^-' 
of p^4 p . Define 

&isc{B / A) = Y\p m{ * ) . 
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The index m(p) is nonzero for only finitely many p, and so this formula does define an ideal 
in A. Clearly this definition agrees with the usual one when B is a free ^4-module, and the 
above proof shows that a prime ideal p ramifies in B if and only if it divides disc(5/^4). 

Example 3.40 (For experts on Riemann surfaces.) Let X and Y be compact connected 
Riemann surfaces, and let a: Y — > X be a nonconstant holomorphic mapping. Write M.(X) 
and M.(Y) for the fields of meromoiphic functions on X and Y. The map / i-> / oa is an 
inclusion Ai(X) A4(Y) which makes Ai(Y) into a field of finite degree over Ai(X); 
let m be this degree. Geometrically, the map is m : 1 except at a finite number of branch 
points. 

Let P e X and let Op be the set of meromorphic functions on X that are holomorphic 
at P — it is the discrete valuation ring attached to the discrete valuation ord/>, and its 
maximal ideal is the set of meromorphic functions on X that are zero at P . Let B be the 
integral closure of Op in A4(Y). Let a~ l (P) = {Qi,..., Q g } and let e ; be the number 
of sheets of Y over X that coincide at Qi. Then pB = I~[q>' where q, is the prime ideal 
{feB 1/(60 = 0}. 

Finding factorizations 

The following result often makes it very easy to factor an ideal in an extension field. Again 
A is a Dedekind domain with field of fractions K, and B is the integral closure of A in a 
finite separable extension L of K. 

Theorem 3.41 Suppose that B = A[oe], and let f(X) be the minimum polynomial of a 
over K. Letp be a prime ideal in A. Choose monic polynomials g\ (X), . . .,g r (X) in A[X] 
that are distinct and irreducible modulo p, and such that f(X) = YlSii^Y' modulo p. 
Then 

pB = Yl(p, gi (a)) e * 

is the factorization of pB into a product of powers of distinct prime ideals. Moreover, the 
residue field B/(p,gi(a)) ~ (A/p)[X]/(gi), and so the residue class degree fi is equal to 
the degree of gi . 

PROOF. Our assumption is that the map X a defines an isomorphism 

A[X]/(f(X)) -> B. 

When we divide out by p (better, tensor with A/p), this becomes an isomorphism 

k[X]/(f(X))^B/pB, X^a. 

where k = A/p. The ring k[X]/( f) has maximal ideals (gi), (gr), and ]~[(.?') e ' = 
(but no product with smaller exponents is zero). The ideal (gi) in k[X]/(f) corresponds 

def 

to the ideal (g, (a)) + pB in B/pB, and this corresponds to the ideal *p,- = (p,gj(a)) in 
B. Thus is the complete set of prime ideals containing pB, and hence is the 

complete set of prime divisors of p (see 3.12). When we write pB = Yl^f > tnen the 
are characterized by the fact that pB contains but it does not contain the product 

when any e\ is replaced with a smaller value. Thus it follows from the above (parenthetical) 
statement that a is the exponent of gi occurring in the factorization of /. □ 
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Remark 3.42 When it applies the last theorem can be used to prove (3.34) and (3.35). For 
example, m = deg(/), and so the equation m = J2 e ifi is simply the equation deg(/) = 
Yl e i 'deg(g/). Also, disc(5/^4) = disc(/(X)), and this is divisible by p if and only if 
/ (X) has multiple factors (when regarded as an element of L4/p)[X]), i.e., if and only if 
some ei > 0. 

Remark 3.43 The conclusion of the theorem holds for a particular prime p of A under 
the following weaker hypothesis: disc(l,a, = a-disc(B/ A) with a an ideal of A 

not divisible by p. To prove this, invert any element of a not in p, and apply the theorem to 
the new ring and its integral closure. 

Examples of factorizations 

We use Theorem 3.41 to obtain some factorizations. 

Example 3.44 Let m ^ 1 be a square-free integer. We consider the factorization of 
prime integers in K = Q[^fm\. Recall that &isc(\ , *Jm) = 4m, and that disc(0^/Z) = 
disc(l, sfm) if m = 2, 3 mod 4, and that disc(0^/Z) = disc(l, x /m)/4 if m = 1 mod 4. In 
both cases, we can use the set {1, ^/m} to compute the factorization of an odd prime p (see 
3.43). Note that (3.34) allows only three possible factorizations of (p) in Ok, namely, 

(p) = p 2 : (p) ramifies, e = 2, f = 1, g = 1; 

(p) = p: (p) stays prime, e = 1, / = 2, g = \\ 

(p) = pipr- O) splits, e = 1, / = 1, g = 2. 
One obtains the following result. 

(i) If p\ disc(0K/Z), then (p) ramifies in Ok- 

(ii) For an odd prime p not dividing the m, we have 

(p) is the product of two distinct ideals <^=^ m is a square mod p, i.e., (^) = 1; 
(p) is a prime ideal in QfV^] m is not a square mod p, i.e., (2*) = — 1. 

(iii) For the prime 2 when m = 1 mod 4, we have 

(p) is the product of two distinct ideals <^=> m = 1 mod 8; 

(p) is a prime ideal in Q[V^] m = 5 mod 8. 

To prove (iii), we must use the integral basis {l,a}, a = (1 + ■ s /m)/2. The minimum 
polynomial of a is X 2 - X + (1 -m)/4. If m = 1 mod 8, this factors as X 2 + X = X{X + 1) 
mod 2, and so (2) = (2, a) (2, 1 + a). If m = 5 mod 8, then X 2 - X + (1 - m)/4 = X 2 + 
X + 1 mod 2, which is irreducible, and so (2) = (2, 1 + a + a 2 ) = (2). 

Example 3.45 It is proved in basic graduate algebra courses that Z[/], the Gaussian inte- 
gers, is a principal ideal domain. I claim that the following conditions on an odd prime p 
are equivalent: 

(a) p = 1 mod 4; 

(b) (/>) splits in Z[i]; 

(c) there exist integers a and such that p = a 2 + & 2 . 

We know that (p) splits in Z[z'] if and only if X 2 + 1 splits modulo /?, but this is so if 
and only if ¥ p contains a 4th root of 1, i.e., if and only if the group contains an element 
of order 4. As is a cyclic group (FT Exercise 1-3) of order p — 1, this is so if and only if 
A\p — 1. Thus we have shown that (a) and (b) are equivalent. 
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Suppose (p) splits in Z[i], say (p) = pip2- Then pi and p2 are principal, and if pi = 
(a + ib) then p2 = (a — ib). Therefore a 2 + b 2 = p up to multiplication by a unit in 
Z(7]. But the only units in Z[z] are ±1, ±j, and so obviously a 2 + 6 2 = /?. Conversely, if 
p = a 2 + b 2 with e Z, then (/>) = (a + — in Z[i]. 

Aside 3.46 The fact that every prime of the form 4« + 1 is a sum of two squares was stated as a 
theorem by Fermat in a letter in 1654. Euler, who was almost certainly unaware of Fermat's letter, 
found a proof. For some history, and a discussion of algorithms for finding a and b, see Edwards 
1977, p. 55. 

Remark 3.47 (a) From (3.41) and (3.43) we see that, for almost all p, factoring (p) in Ok 
amounts to factoring a polynomial f(X) modulo p into a product of powers of irreducible 
polynomials. Clearly, this can always be done, but it may require a lot of hard work but not 
much intelligence. Hence it can safely be left to the computer. In PARI, f actormod(f ,p) 
factors the polynomial / modulo p. For example, 
factormod(X~3+10*X+l,2) returns (X + l)(X 2 + X + 1), 
f actormod(X~3+10*X+l, 17) returns X 3 + 10X + 1, 

f actormod(X~3+10*X+l , 4027) returns (X + 2215) 2 (X + 3624), etc., as in the following 
table. 

(b) In the next section, we shall show, not only that the class group of a number field 
is finite, but that it is generated by the prime ideals dividing a certain small set of prime 
numbers. Finding the class number therefore involves finding the prime ideal factors of 
these prime numbers, and the relations among them. 

Example 3.48 Let a be a root of X 3 + 10X + 1. Recall that the discriminant of the 
polynomial is —4027, and so the ring of integers in Q[a] is Z + Za + Za 2 . There are the 
following factorizations: 



2 


(l + X)(l + X + X 2 ) 


(2) 


= (2,l+a)(2,l + a + a 2 ) 


3 


(2 + X)(2 + X + X 2 ) 


(3) 


= (3,2 + a)(3,2 + a + a 2 ) 


5 


{1 + X){\ + AX + X 2 ) 


(5) 


= (5,l + a)(5,l + 4a + a 2 ) 


7 


(3 + X)(5 + AX + X 2 ) 


(7) 


= (7,3 + a)(7,5 + 4o; + a 2 ) 


11 


(6 + X)(2 + 5X + X 2 ) 


(11) 


= (ll,6 + a)(ll,2 + 5a + a 2 ) 


13 


1 + 10X + X 3 


(13) 


= (13,1 + 10a + a 3 ) = (13) 


17 


1 + 10X + X 3 


(17) 


= prime ideal. 


4027 


(2215 + X) 2 (3624 + Z) 


(4027) 


= (4027, 2215 + a) 2 (4027, 3624 + a) 



Example 3.49 Let a be a root of X 3 — SX + 15. Here again, the discriminant of the 
polynomial is —4027, and so the ring of integers in Q[a] is Z + Za + Za 2 . There are the 
following factorizations: 



2 


(l + X)(l + X + X 2 ) 


(2) 


= (2,l+a)(2,l+a + a 2 ) 


3 


X(\+X 2 ) 


(3) 


= (3, a) (3,1+ a 2 ) 


5 


X(2 + X 2 ) 


(5) 


= (5, a) (5, 2 + a 2 ) 


7 


(5 + X)(3 + 2X + X 2 ) 


(7) 


= (7, a) (7, 3 + 2a + a 2 ) 


11 


(1 + Z)(4+ 10X + X 2 ) 


(11) 


= (ll,a)(ll,4+ 10a + a 2 ) 


13 


2 + 5X + X 3 


(13) 


= (13) 


17 


(4 + X)(6 + X)0 + X) 


(17) 


= (17,4 + a)(17,6 + a)(17,7 + a) 


4027 


(509 + X)(1759 + X) 2 . 


(4027) 


= (4027, 509 + a) (4027, 1759 + a) 2 
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On comparing the factorizations of (17) in the fields in the last two examples, we see that 
the fields are not isomorphic. 

Remark 3.50 When K is a number field, it is interesting to have a description of the set 
Spl(/Q of prime numbers that split in K. For K = Q[^/m] with m square free, this is the set 
of odd p not dividing m for which (^) = 1 together possibly with 2 (see 3.44). We shall 
see later that the quadratic reciprocity law gives a good description of the set. For every 
abelian Galois extension K of Q, class field theory gives a similarly good description, 
but for an arbitrary extension very little is known about what sets can occur. There is a 
theorem that says that two Galois extensions K and K' of Q are isomorphic if and only if 
Spl(A') =Spl(AT / ). Moreover, this can be made into an effective procedure for determining 
when fields are isomorphic. See Theorem 8.38 below. 

Example 3.51 In (2.39), we saw that f{X) = X s - X - 1 is irreducible in Q[X], and that 
its discriminant is 19- 151, which is square-free, and so, if a is a root of / (X), then 7L\u\ is 
the ring of integers in Q[a]. We have the following factorizations: 

/ = (6 + *) 2 (10 + 13X + 11 X 2 + X 3 ) 
(19) = (19,6 + a) 2 (19,10 + 13a + 17a 2 + a 3 ) 
/ = (9 + X)(39 + X) 2 (61 + 64X + X 2 ) 
(151) = (151,9 + a)(151,39 + a) 2 (151,61 + 64a + a 2 ) 
/ = (1261 + X)(2592 + *)(790 + 3499X + 174X 2 + X 3 ) 
(4027) = (4027, 1 26 1 + a) (4027, 2592 + a) (4027, 790 + 3499a + 1 74a 2 + a 3 . 

Thus (19) and (151) are ramified in Q[a], and 4027 is not, which is what Theorem 3.35 
predicts. 

Example 3.52 According to PARI, 

X 4 + X 3 + X 2 + X + 1 = (X + 4) 4 mod 5 

Why is this obvious? 

Eisenstein extensions 

Recall that Eisenstein's Criterion says that a polynomial 

X m +a 1 X m - 1 + --- + a m , 

such that a, e Z, p\at all i, and p 2 does not divide a m , is irreducible in Q[X]. We will 
improve this result, but first we need to make two observations about discrete valuations. 

Let A be a Dedekind domain, and let B be its integral closure in a finite extension L of 
its field of fractions K. Let p be a prime ideal of A and let *}3 be an ideal of B dividing p, 
say pB = • • ■ . Write ord p and ord*p for the normalized valuations on K and L defined 
by p and Then 

ordip | K = e ■ ord p (11) 

because, if (a) = p m ■ ■ ■ in A, then (a) = y$ me ■■■ in B. 
Next I claim that if 

a\ H V a n = 0, 




66 



3. Dedekind Domains; Factorization 



then the minimum value of ord(a ; ) must be attained for at least two is. Suppose not, say 
ord(<3i) < ord(a,) for all i > 1. Then — a\ = ^/>2 a ' implies that 

(8) 

ord(ai) = ord( > a{) > min ord(cz,), 

i~ii>2 2<i<n 

which is a contradiction. 

Let A be a Dedekind domain and let p be a prime ideal in A. A polynomial 

X m + ai X m - 1 +... + a m , cue A, 

is said to be Eisenstein relative to p if 

ordp(fli) >0, ord p (a m _i) > 0, ord p (a m ) = 1. 

Proposition 3.53 Let f(X) e A[X] be an Eisenstein polynomial with respect to p. Then 
f(X) is irreducible, and if a is a root of f(X), then p is totally ramified in K[a]; in fact 
pB = <£ m with *p = (p,a) andm = deg(f). 

def 

PROOF. Let L be the field generated by a root a of / (X); then [L: K] < m = deg(f). Let 
*P be a prime ideal dividing p, with ramification index e say. Consider the equation 

a m + a\a m ~ l H \-a m = 0. 

Because / (X) is Eisenstein, 

ordrp(a" 5 ) = m -ord<p(a); 
ord<p (aj a m ~ l ) > (m — i)- ordrp (a) + e ; 
ordqjfa™) = e. 

If ordip(a) = 0, then the minimum value of ord<p is taken for a single term, namely a m . This 
is impossible, and so ord<p(a) > 1, and ordsp(a,a m_ ') > ordfp(a m ) = e for i = 1, ...,m— 1. 
From the remark preceding the proposition, we see that m ■ ordfp(a) = e. Then 

m-ord«p(a) = e < [K[a] : K] < m, 

and we must have equalities throughout: ord<p(a) = 1, [K(a): K] = m = e. □ 

Notes Gauss proved the quadratic reciprocity law, and studied the arithmetic of Q[i] in order 
to discover the quartic reciprocity law. Kummer made an intense study of the arithmetic of the 
fields Q[£„], where is a primitive «th root of 1, in order to prove higher reciprocity laws. A 
major problem for him was that unique factorization fails already for n = 23. To restore unique 
factorization, he developed his theory of "ideal numbers". One of Dedekind's great achievements 
was to realize that, by replacing Kummer's "ideal numbers" with his new notion of "ideals", it was 
possible to simplify Kummer's theory and extend it to the rings of integers in all number fields. A 
difficult step for him was showing that if a|b, then there exists an ideal c such that a = be. Emmy 
Noether re-examined Kummer's work more abstractly, and named the integral domains for which 
his methods applied "Dedekind domains". 
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Exercises 

3-1 Let k be a field. Is k[X, Y] a Dedekind domain? (Explain). 

3-2 Show that Z[v3] is the ring of integers in Q[V3] and Z[a/7] is the ring of integers 
in Q[V7], but that Z[V3, V7] is not the ring of integers in Q[V3, (Hint: look at 
(V3 + V7)/2.) 

3-3 Complete the proofs of the following statements (cf. 3.45): 

(a) x 2 + y 2 = p has a solution in Z <^=> = 1 mod 4; 

(b) x 2 + 2y 2 = p has a solution in Z <^=> /> = 1 or 3 mod 8; 

(c) x 2 + 3>> 2 = p has a solution in Z <^=> /> = 1 mod 3. 3 

You may assume that Q[^/—p] has class number 1 for p < 5. 

3-4 Let A: be a field, and let A be the subring k[X 2 , X 3 ] of k[X]. 

(a) Show that k[X] is a finitely generated £[X 2 ]-module, and hence is a Noetherian 
/c [JT 2 ]-module. Deduce that A is Noetherian. 

(b) Show that every nonzero prime ideal of A is maximal, but that A is not a Dedekind 
domain. 

Hence A satisfies conditions (a) and (c) to be a Dedekind domain, but not (b). There are 
also rings that satisfy (b) and (c) but fail (a), and rings that satisfy (a) and (b) but not (c) (for 
example, k[X, Y]). 



3 Kwangho Choiy notes that x 2 + 3y 2 = p can be replaced by x 2 + xy + y 2 = p, because the norm is of 
the form x 2 + xy + y 2 . However, both are true, because (-^) = (■§)• Moreover, we can remark that the prime 
ideal lying over p with (j) = 1 can be generated by an element in Z[V — 3]. 
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The Finiteness of the Class Number 



In this section we prove the first main theorem of the course: the class number of a number 
field is finite. The method of proof is effective: it gives an algorithm for computing the 
class group. 

Norms of ideals 

Let A be a Dedekind domain with field of fractions K, and let B be the integral closure of A 
in a finite separable extension L. We want to define a homomorphism Nm:Id(5) — > IdL4) 
which is compatible with taking norms of elements, i.e., such that the following diagram 
commutes: 

Nm 

K , «^ ld(A) 

Because ld(B) is the free abelian group on the set of prime ideals, we only have to 
define Nm(p) for p prime. 

Let p be a prime ideal of A, and factor pB = n^-Pf' ■ If P is principal, say p = (n), then 
we should have 

Nm(pS) =Nm(jr-B) = Nm(j)-yl = (n m ) = p m , m = [L: K], 

Also, because Nm is to be a homomorphism, we should have 

Nm(pS) = Nm(n^f) = riNmOP/)"- 

On comparing these two formulas, and recalling (3.34) that m = Yl e ifi-> we see we 
should define Nm(*p,- ) = pf' . We take this as our definition: 

Nm(<p) = p/CP/P) where p _ <p n A and /(fp/p) = [B/*p : A/p]. 

To avoid confusion, I sometimes use M to denote norms of ideals. 
If we have a tower of fields M D L D K, then 

because /(jQ/qj) ■ f(^/p) = f(Q/p), i.e., [C/Q : Bffl ■ [B/<# : A/p] = [C/Q : A/p] 
where C D B D A are the integral closures of A in M, L, and K respectively. 



(12) 
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Proposition 4.1 Let Ac B and K c L be as above. 

(a) For any nonzero ideal aC A, Ml/k^B) = a m , where m = [L : K]. 

(b) Suppose L is Galois over K. Let ^ be a nonzero prime ideal of B and let p = *p D A. 
Writep-B = (ySi~-yS g ) e (cf. 3.34). Then 

Ny-B = W 1 ...y g ) e f = ]~[ cry. 

o€Gal(L/K) 

(c) For any nonzero element e B, Nm(/3) ■ A = Nm(/3 ■ B) (i.e., (12) commutes). 
PROOF, (a) It suffices to prove this for a prime ideal p, and for such an ideal we have that 

Af(pB) = A/"(rW) =p£ 9ifl = P m (by 3.34). 

(b) Since AAp ; - = p^ for each i, the first equality is obvious. In the course of the proof 
of (3.34), we showed that Gal(L/ K) acts transitively on the set {^Pi, ...,tyg}, and it follows 
that each *P/ occurs ™ = ef times in the family {ct*P | cr 6 Gal(L/ K)}. 

(c) Suppose first that L is Galois over K, and let f$ ■ B = b. The map a h-> a • B : Id(^4) — > 
ld(B) is injective (remember they are the free abelian groups on the sets of nonzero prime 
ideals), and so it suffices to show that Nm(/3) ■ B — Nm(b) ■ B. But 

Nm(b)-fi { =\\ob = IKfTfl-B) = (\\oR)-B =Nm(p)-B 

as required. 

In the general case, let £ be a finite Galois extension of K containing L, and let 
d = [E:L]. Let C be the integral closure of B in E. From (a), the Galois case, and 
the transitivity of M we have that 

Ml/k(P ■ B) d = Ne/k(P ■ C) = Nm^OS) • A = Nm L/K (j3) d -A. 
As the group of ideals Id(^4) is torsion-free, this implies that Ml/k(P ■ B) — Nm^/^( / 6) ■ 



Let a be a nonzero ideal in the ring of integers Ok of a number field K. Then a is of 
finite index in Ok, and we let No, the numerical norm of o, be this index: 

No = (O k : a). 

Proposition 4.2 Let Ok be the ring of integers in a number held K. 

(a) For any ideal o in O k , A/>/q(o) = (N(c)); therefore N(ob) = N(o)N(b). 

(b) Let b C a be fractional ideals in K; then 

(o: b) = N(a _1 b). 

PROOF, (a) Write o = f~[ pp , and let ft = /(p// pt ) where (pi) = Z n p/ ; then Nm(p,- ) = 
(Pi)*'. From the Chinese remainder theorem, Ok /o ~ YI^k/P^ an d so (Ok '■ o) = 
["[(O^ : pp ). In the course of the proof of (3.34), we showed that Ok / Pi' has a filtration of 
length Ti whose quotients are vector spaces of dimension fi over ¥ p . , and so (Ok : pp) = 

pf' r ' . On taking the product over i, we find that (Ok '■ o) = \\(pf ir ') = A/jt/Qfl. When 
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we identify the set of nonzero ideals in Z with the set of positive integers, then M becomes 
identified with N, and so the multiplicativity of N follows from that of M. 

(b) For any nonzero d e K, the map x h-> dx : K — > K is an additive isomorphism, and 
so (da : db) = (a : b). Since (da)(db)~ l = ctb -1 , we may suppose that a and b are integral 
ideals. The required formula then follows from (a) and the formulas 

(O k : o)(o : b) = (O k : b) 

and 

N(a)-N(a -1 b) = N(b). □ 



Statement of the main theorem and its consequences 

We now state the main theorem of this section and discuss some of its consequences. 

THEOREM 4.3 Let K be an extension of degree n of Q, and let Ax be the discriminant of 
K/Q. Let 2s be the number of nonreal complex embeddings of K. Then there exists a set 
of representatives for the ideal class group of K consisting of integral ideals a with 

n\ /4V, ,i 
N(o)<— - \A K \2. 
n" \n ) 

The number on the right is called the Minkowski bound — we sometimes denote it 
by Bk- The term Ck = (^) is called the Minkowski constant. It takes the following 
values: 



n 


r 


s 


c 


2 





1 


0.637 


2 


2 





0.500 


3 


1 


1 


0.283 


3 


3 





0.222 


4 





2 


0.152 


4 


2 


1 


0.119 


4 


4 





0.094 


5 


1 


2 


0.062 


5 


3 


1 


0.049 


5 


5 





0.038 


100 


100 





0.93 x 10" 42 



Here r is the number of real embeddings of K. We have 

K®qR rs R r xC\ 

and, if K = Q[a] and f(X) is the minimum polynomial of a, then r is the number of real 
roots of / (X) and 2s is the number of its nonreal roots. To see that these descriptions of r 
and s agree, apply (1.18). 

Before proving (4.3), we give some applications and examples. 

Theorem 4.4 The class number of K is finite. 



Statement of the main theorem and its consequences 
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PROOF. It suffices to show that there are only finitely many integral ideals a in Ok such 
that N(a) is less than the Minkowski bound — in fact, we shall show that, for any integer 
M, there are only finitely many integral ideals o with N(a) < M. If o = YlP? > tnen ^( a ) = 
Y[ p\ l ^ where (/>, ) = n Z. As N(o) < M, this allows only finitely many possibilities for 
the pi (and hence for the p; ), and only finitely many possibilities for the exponents r,- . □ 

Let S be the set of integral ideals in K with norm < Br. Then 5* is a finite set, and 
CI(Ok) = S/ ~, where a ~ b if one ideal is the product of the other with a principal (frac- 
tional) ideal. There is an algorithm for finding S, and an algorithm for deciding whether 
o ~ b, and so there is an algorithm for finding CI(Ok) (the group, not just its order). To find 
S, find the prime ideal factors of enough prime numbers, and form some of their products. 
To decide whether a ~ b, one has to decide whether c = ob _1 is principal. From (4.2b) we 
know that, for y e c, 

c = (y) Nc = |Nmy| 
and so we have to solve the equation: 

Nm y = constant. 

When we express y in terms of an integral basis, this becomes a (very special) type of 
diophantine equation. For a descriptions of algorithms for finding CI(Ok), see Cohen 
1993, 6.5, and Pohst and Zassenhaus 1989, p424. 

Example 4.5 Let K = Q[i]. The condition in Theorem 4.3 is that N(a) < < 1.27. 
There are no such ideals other than Z[/], and so Z[/] is a principal ideal domain. (Of course, 
the elementary proof of this shows more, namely, that Z[/] is a Euclidean domain. Even 
for rings of integers in number fields, it is not true that all principal ideal domains are 
Euclidean domains. For example, Q[V— 19] has class number 1, but its ring of integers 
is not a Euclidean domain. For more on such things, see the survey article Lemmermeyer 
1995 1 .) 

Example 4.6 Let K = Q[*/-5\- Here N(a) < 0.63 x V20< 3. Every ideal satisfying 
this must divide (2). In fact, (2) = p 2 where p = (2, 1 + and Np 2 = N(2) = 4, 

and so Np = 2. The ideals Ok and p form a set of representatives for C1(Z[V— 5]). The 
ideal p can't be principal because there does not exist an element a = m + n V— 5 such that 
Nm(a) = m 2 + 5« 2 = 2, and so C1(Z[V— 5]) has order 2. 

Example 4.7 Let K be a cubic field with discriminant < 0. Since the sign of A% is (— l) s , 
and [K : Q] = r + 2s, we have s = 1, r = 1. The Minkowski bound is 

B K <0.283|Z\^|3. 

For | Ak I < 49, Bk < 2, and so for cubic fields with — 49 < Ak < 0, the class number h = 1 . 
For example, this is true for the number fields with discriminants —23 and —31 discussed 
earlier (see 2.36, 2.37). 

'Lemmermeyer, Franz. The Euclidean algorithm in algebraic number fields. Exposition. Math. 13 (1995), 
no. 5, 385-416. 
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For the stem field of X 3 + 10X + 1, the discriminant is —4027, and the Minkowski 
bound is < 18. Recall from (3.48) that 

(2) = (2,l+a)(2,l + a + a 2 ). 

Let p = (2, 1 + a); its norm is 2. One can show that it generates the class group, and that 
it has order 6 in the class group, i.e., p 6 but no smaller power is principal. Hence the class 
group is cyclic of order 6. (The proof takes quite a bit of hard work if you do it by hand — 
see Artin 1959, 12.6, 13.3. Using PARI, you can type "bnf clgp(X"3+10*X+l)") 

Example 4.8 Let a be a root of f(X) = X s - X + 1. We saw in (2.39) that f(X) is 
irreducible and its discriminant is 19 x 151, and so the ring of integers of Q[a] is Z[a]. 

According to Theorem 4.3, every class of ideals for Q[a] contains an integral ideal a 
with 

N(a) < 0.062 x Vl9x 151 = 3.3 < 4. 

If p is a prime ideal with N(p) = 2, then the residue field at p must be F2, and / (X) must 
have a root mod 2; however, both / (0) and f(l) are odd, and so / (X) doesn't have a root 
in F2, which shows that p doesn't exist. Similarly, there is no prime ideal p with N(p) = 3, 
and so Ok is a principal ideal domain! 

The Galois group of the splitting field M of / (X) is S5 (later we shall see how to 
find Galois groups; for the moment type "polgalois (X~5-X-l)" in PARI), and hence 
[M;Q] = 120. It is possible to show that M is unramified over Q[Vl9x 151]. 

An extension L of a number field K is said to be unramified over K if no prime ideal 
of Ok ramifies in Ol ■ 

THEOREM 4.9 There does not exist an unramified extension of Q. 

PROOF. Let K be a finite extension of Q. Since a set of representatives for the class group 
must have at least one element, and that element will have numerical norm > 1, Theorem 
4.3 shows that 

1 |2 - ^7 \a ) ~ ~nA V47 ' 

Let a n = rhs. Then a-i > 1, and g " +1 = (1 + ^)" > 1, and so the sequence a n is 
monotonically increasing. Hence the discriminant of K has absolute value > 1, and we 
know from (3.35) that any prime dividing the discriminant ramifies. □ 

Corollary 4.10 There does not exist an irreducible monic polynomial f (X) e 7L\X\ of 
degree > 1 with discriminant ±1. 

PROOF. Let / (X) be such a polynomial, and let a be a root of / (X). Then disc(Z[a]/Z) = 

def 

±1, and so Z[ot] is the ring of integers in K = Q[a] and disc(Oj^/Z) = ±1, which contra- 
dicts the theorem. □ 

Remark 4.11 There may exist unramified extensions of number fields other than Q. In 
fact, class field theory says that the maximal abelian unramified 2 extension of K (called 



2 The Hilbert class field L of K is required to be unramified even at the infinite primes — this means that 
every real embedding of K extends to a real embedding of L. 
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the Hilbert class field of K) has Galois group canonically isomorphic to C\(Ok)- For 
example, the theory says that Q[V^5] has an unramified extension of degree 2, and one 
verifies that Q[V^T, V— 5] is unramified over Q[V— 5]. In particular, the discriminant of 
QtV^T, V-5] over Q[V^5] is a unit. 3 

Remark 4.12 Let K\ be a number field with class number hx x > 1. Its Hilbert class field 
is an abelian unramified extension K?_ of K\ with QAiKij K\) ~ Cl(A'i). Let ^3 be the 
Hilbert class field of K2, and so on. In this way, we obtain a tower of fields, 

It was a famous question (class field tower problem) to decide whether this tower can be 
infinite, or must always terminate with a field of class number 1 after a finite number of 
steps. It was shown by Golod and Shafarevich in the early 60s that the tower is frequently 
infinite. See Roquette 1967. 

If K has class number 1, then it has no abelian unramified extensions, but it may have 
nonabelian unramified extensions, even infinite (see, for example, D. Brink, Remark on 
infinite unramified extensions of number fields with class number one, J. Number Theory 
130 (2010), 304-306; mo53530). 

Lattices 

Let V be a vector space of dimension n over IL A lattice A in V is a subgroup of the form 

A = Zei + — + Ze r 

with e\ , e r linearly independent elements of V. Thus a lattice is the free abelian subgroup 
of V generated by elements of V that are linearly independent over IL When r = n, the 
lattice is said to be, full. At the opposite extreme, A = {0} is a lattice (generated by the 
empty set of elements). In terms of tensor products, one can say that a full lattice in V is a 
subgroup A of V such that the map 

E n ®Xi^J2 nxt : R ®z a -> v, 

is an isomorphism. 

NONEXAMPLE 4.13 The subgroup Z + Z^/l of M is a free abelian group of rank 2 (be- 
cause V2 is not rational), but it is not a lattice in M. 

We shall need another criterion for a subgroup A of V to be a lattice. The choice 
of a basis for V determines an isomorphism of V with W, and hence a topology on V; 
the topology is independent of the basis, because every linear automorphism of MP is a 
homeomorphism. A subgroup A of V is said to be discrete if it is discrete in the induced 
topology. A topological space is discrete if its points (hence all subsets) are open, and so to 
say that A is discrete means that every point a of A has a neighbourhood U in V such that 
UHA = {a}. 

3 The ring of integers in Q[V— 1, V— 5] is Z V— T, (1 + \/5)/2 , which properly contains Z[V— 1, V— 5]. 
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Lemma 4.14 The following conditions on a subgroup A of a finite-dimensional real vector 
space V are equivalent: 

(a) A is a discrete subgroup; 

(b) there is an open subset UofV such that U Tl A = {0}; 

(c) each compact subset of V intersects A in a finite set; 

(d) each bounded subset of V intersects A in a finite set. 

PROOF, (a) ^=>- (b). Obviously (a) implies (b). For the converse, note that the translation 
map x m> a + x:V — >■ V is a homeomorphism, and so, if U is a neighbourhood of such 
that U fl A = {0}, then a + U is a neighbourhood of a such that (a + U) fl A = {a}. 

(a)=Kc). Condition (a) says that A is a discrete space for the induced topology. Hence, 
if C is compact, then C fl A is both discrete and compact, 4 and therefore must be finite. 

(c) =Kd). The closure of a bounded set in E" (hence in V) is compact, and so this is 
obvious. 

(d) =^(b). Let U be a bounded open neighbourhood of 0. Then S = U fl A \ {0} is finite 
and hence closed, and so U \ S is an open neighbourhood of {0} such that (U \ S) fl A = 
{0}. 

Proposition 4.15 A subgroup AofV is a lattice if and only if it is discrete. 

PROOF. Clearly, a lattice is discrete. For the converse, let A be a discrete subgroup of V, 
and choose a maximal M-linearly independent subset {e\, .. .,e r } of A. We shall argue by 
induction on r. 

If r = 0, A = 0, and there is nothing to prove. 

If r = 1, then A C Rei. Because 7l is discrete, for each M > 0, 

{aei | |a| < M}nA 

is finite, and so there is an / e A such that, when we write / = ae\, a attains its minimum 
value > 0. I claim A = Zf. Any aeyl\Z/ will equal (m + b)f for some m € Z and b 
with < ft < 1; but then (a — mf ) = bf = abe\, and < ab < a, which contradicts our 
choice of /. 

If r > 1, we let A' = A D (Mei H h Me r -i). Clearly this is a discrete subgroup of 

def 

the vector space V — Mei H h Re r _i and so, by induction, A' = 7Lf\ H h Zfr-i for 

some /; that are linearly independent over R (and hence also form a basis for V). Every 
a e A can be written uniquely 

a = a\f\-\ \-a r -\f r -\ +ae r , ai,aeR. 

Let (p: A — > E be the map dH>a, and let A" = lm((p). Note that o is also the image of 

(ai - [fli])/i H h (a,--i - [fl r _i])/ r _i +ae r , [*] = integer part, 

4 I am implicitly using that a discrete subgroup of a Hausdorff group is closed (note that a discrete subset 
need not be closed, e.g., {l/n \ n an integer > 0} is not closed in the real numbers). Here is the proof. Let H 
be a discrete subgroup of a Hausdorff group G. There exists a neighbourhood U of 1 such that U fl H = 1; 
choose a neighbourhood V of 1 such that V~ l V is contained in U . For distinct elements a and b of //, Va 
and Kfc are disjoint. Let g lie in the closure of H, so that H fl is nonempty. If a lies in // PI V~ l g, 

say a = v g, then g E Fa. This shows that H fl V~ l g = {a}. As g is in the closure of H, this implies that 
g = a, and so g lies in H . More generally, every locally compact subgroup of a Hausdorff group is closed. 



Lattices 



75 



and so each element a e A" in a bounded set, say with < \a\ < M, is the image of an 
element of A in a bounded set, 

0<flj<l, i = l,...,r — 1, \a\<M. 

Thus there are only finitely many such as, and so A" is a lattice in M, say A" = Z • (p(f r ), 
f r eA. 

Let a e A Then = acp(f r ) for some o eZ, and <p(a — a/,-) = 0. Therefore 
a — af r e A', and so it can be written 

a — afr = a\f\-\ \-a r -\f r -i, m e Z. 

Hence 

a = fli/H hflr-i/r-i +afr, at,aeZ, 

which proves that A = ^ "Lfi . □ 

Let F be a real vector space of dimension n, and let A be a full lattice in V, say 
A = J^Ze,. For any Ao e A, let 

Z> = {Ao + X>*ei |0< fl/ <1}. 

Such a set is called a fundamental parallelopiped for 71. The shape of the parallelopiped 
depends on the choice of the basis (e/), but if we fix the basis and vary Ao e A, then the 
parallelopipeds cover W without overlaps. 

Remark 4. 16 (a) For a fundamental parallelopiped D of a full lattice 

A = Zfx + ~. + Zf H 

in M" , the volume of D 

ti(D) = \fet(f u -,fn)\. 
(See any good book on calculus.) If also 

7l = Z/ 1 / + Z/ 2 / + -- + Z/„ / , 

then the determinant of the matrix relating {/]} and {/■'} has determinant ±1, and so the 
volume of the fundamental parallelopiped doesn't depend on the choice of the basis for A. 

(b) When A D A' are two full lattices in W, we can choose bases {e, } and {fi} for A 
and A' such that /, = with m,- a positive integer. With this choice of bases, the fun- 
damental parallelopiped D of A is a disjoint union of (A : A') fundamental parallelopipeds 
D' of A'. Hence 

^ = (^') (•)• 

/x(Z)) 

As we noted above, the choice of a basis for V determines an isomorphism F «R", 
and hence a measure /x on V. This measure is translation invariant (because the Lebesgue 
measure on W is translation invariant), and well-defined up to multiplication by a nonzero 
constant (depending on the choice of the basis) 5 . Thus the ratio of the measures of two sets 
is well-defined, and the equation (*) holds for two full lattices A D A' in V. 



5 The experts will recognize ji as being a Haar measure on V . 
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Theorem 4.17 Let Dq be a fundamental parallelopiped for a full lattice in V, and let S 
be a measurable subset in V. If Li(S) > //(Do), then S contains distinct points a and fi 
such that f} — a € A. 

PROOF. The set S fl D is measurable for all fundamental parallelopipeds D, and 

MS) = 2>(Sn/>) 

(sum over translates of D by elements of A). For each D, a (unique) translate of S fl D by 
an element of A will be a subset of Dq. Since fi(S) > ix{Dq), at least two of these sets will 
overlap, i.e., there exist elements a,/3 e S such that 

a — X = /3 — X', someX,X'eA. 

Then ft -a e A. □ 

Remark 4.18 In the language of differential geometry, the theorem can be given a more 
geometric statement. Let M = V/A; it is an ^-dimensional torus. The measure \x on V 
defines a measure on M for which M has measure fi(M) = /x(D). The theorem says that 
if /x(S) > /x(M), then the restriction of the quotient map V M to S can't be injective. 

Let T be a set such that 

a,fi eT ^ ±(a-p)eT, (**) 

and let S = \T . Then T contains the difference of any two points of S, and so T will 
contain a point of A other than the origin whenever 

li(D) <ii(±T) = 2- n ii(T), 

i.e., whenever 

l i(T)>2 n l i(D). 

We say that a set T is convex if, with any two points, it contains the line joining the 
two points, and that T is symmetric in the origin if a e T implies —aeT.A convex set, 
symmetric in the origin, obviously satisfies (**), and so it will contain a point of A \ {0} if 
its volume is greater than 2 n \x(D). 

Theorem 4.19 (Minkowski's) Let T be a subset of V that is compact, convex, and 
symmetric in the origin. If 

Il(T)>1?vl(D) 
then T contains a point of the lattice other than the origin. 
Proof. Replace T with (1 +e)T, s > 0. Then 

li((l + e)T) = (l+e) n ti(T)>2 n vL(D), 

and so (1 + s)T contains a point of A other than the origin (see the preceding remark). It 
will contain only finitely many such points because A is discrete and (1 + s)T is compact. 
Because T is closed 

T = n (l + e)T. 

If none of the (finitely many) points of A fl (1 + s)T other than the origin is in T, we will 
be able to shrink (l + e)T (keeping e > 0) so that it contains no point of A other than the 
origin — which is a contradiction. □ 
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Remark 4.20 Theorem 4.19 was discovered by Minkowski in 1896. Although it is al- 
most trivial to prove, it has lots of nontrivial consequences, and was the starting point for 
the branch of number theory called the "geometry of numbers". We give one immediate 
application of it to prove that every positive integer is a sum of four squares of integers. 
From the identity 

(a 2 + b 2 + c 2 + d 2 )(A 2 + B 2 + C 2 + D 2 ) = 

(aA-bB-cC - dD) 2 + (aB + bA + cD- dC) 2 + 
(aC-bD + cA + dB) 2 + (aD + bC-cB + dA) 2 , 

we see that it suffices to prove that a prime p is a sum of four squares. 
Since 

2= l 2 + l 2 + o 2 + 2 , 
we can suppose that p is odd. I claim that the congruence 

m 2 + n 2 + 1 = mod p 

has a solution in Z. As m runs through 0, 1, ...,p — 1, m 2 takes exactly (p + l)/2 distinct 
values modulo p, and similarly for — 1 — n 2 . For the congruence to have no solution, all 
these values, p + 1 in total, must be distinct, but this is impossible. 

Fix a solution m , n to the congruence, and consider the lattice A C Z 4 consisting of 
(a,b,c,d) such that 

c = ma + nb, d=mb — na mod/). 

Then Z 4 D A D /?Z 4 and A / />Z 4 is a 2-dimensional subspace of F 4 (the a and b can be 
arbitrary mod p, but then c and d are determined). Hence A has index p 2 in Z , and so the 
volume of a fundamental parallelopiped is p 2 . Let 7" be a closed ball of radius r centered 
at the origin. Then T has volume n 2 r 4 /2, and so if we choose r so that 2p > r 2 > l.9p 
say, then 

p(T) > 16/z(Z>). 

According to Minkowski's theorem, there is a point (a,b,c,d) e (A \ {0}) D T. Because 
(a,b,c,d) e A, 

a 2 + b 2 + c 2 + d 2 = a 2 (I +m 2 + n 2 ) + b 2 (l+m 2 + n 2 ) = mod p, 
and because (a,b,c,d) € T, 

a 2 + b 2 + c 2 + d 2 <2p. 

As a 2 + b 2 + c 2 + d 2 is a positive integer, these conditions imply that it equals p. 

This result was stated by Fermat. Euler tried to prove it over a period of 40 years, and 
Lagrange succeeded in 1770. 

Some calculus 

4.21 Let V be a finite-dimensional real vector space. A norm on V is a function || • ||: V —> 
R such that 

(a) for all x e V, ||x|| > 0, and ||x|| = x = 0; 
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(b) for r e R and xeV, \\rx\\ = |r|||x||; 

(c) (triangle law) for x,y e V, ||x + y|| < ||x|| + ||y||. 

Let V = R r x C s — it is a real vector space of dimension n = r + 2s. Define a norm 
on V by 

r r+s 

iixii = y^ix,-i +2 \zi\ 

i=\ i=r+l 

if x = (x l ,...,x r ,z r+l ,...,z r+s ). 

Lemma 4.22 For any real number t > 0, let 

X(t) = {xe V | ||x|| <t}. 

Then 

fi(X(t)) = 2 r (jz/2) s t n /n\. 
PROOF. Since X(t) is symmetric with respect to the r real axes, we have 

l x(X(t)) = 2 r . l x(Y(t)) 

where Y{t) = {x | ||x|| < t, x\, ...,x r > 0}. For the complex variables, we make the change 
of variable 

Zj = xj + iyj = - pj (cos Oj + i sin 6>_/ ) . 

The Jacobian of this change of variables is pj / 4. After integrating over the 9j , for < Oj < 
2n, we find that 

pi(X(t)) = 2 r ■ 4~ s ■ (2jz) s j^p r+l --- p r+s dxi ■ ■ ■ dx r dpr+i ■ ■ ■ dp r+s 

where 

Z = {(x,p)eR r+s \xi, Pi >0, E^ + EPi <t}. 

The result now follows from the next lemma by taking: m = r + s; = 0, 1 < i < r; 
cii = 1, r + 1 < i < m; for then 

fi(X(t)) = 2 r ■A- s -(2tt) s -t n /n\ 

as required. □ 

Lemma 4.23 Form >0el, let 

I(a\,...,a m ,t) = / x\ x ---x^" dx\ ■■■ dx m , 
Jz(t) 



where Z{t) = {xeR m \ x t > 0, J2 x i < 0- Then 

riai 

r(ai+--- + a m +m + l)' 
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PROOF. Recall that, by definition, (e.g., Widder, D., Advanced Calculus, 1961, Chapter 
11), 



poo 

r(x)= / e-U x - x dt. 



10+ 

It takes the value r(n) = (n — 1)! for n a nonnegative integer. 
By making the change of variables x\ = tXj in /, we see that 

I(a l ,...,a m ;t) = t Eai+m I(a u ...,a m ;l). 

Therefore it suffices to prove the formula for t = 1. We prove this case by induction on m. 
First, we have 

1 r(fli + 1) 



r 1 1 

/(«i;l)= / x{ l dx x = — 

Jo «i + 1 



r( fll +2) 

Let 

Z(x m )' = {xeR m ~ 1 \ Xi >0, < l-x w }. 

Then 

I( ai ,...,a m ;l)= [ x%"([ x\ x ~-x a ™^dx x ---dx m -\dx m , 
Jo \Jz(x m y J 

~ I x m" ' a m— 1 ! 1 — x m)dx m 

Jo 

=I(a l ,...,a m - l ;\) I x a m m {\ - x m )^ ai+m - 1 dx m 
Jo 

r(a m + l)r(a\ H Va m -i+m) 

=I(a 1 ,...,a m -i;l) — ■ ■ ■ — . 

r(ai H Va m +m + 1) 

In the last step, we used the standard formula 



/' 

Jo 



x™-\l-xY^dx = B( m ,n)= nm)nn l 

r(m +n) 



Example 4.24 (a) Case r = 2, s = 0. Then X(t) is defined by |x| + \y \ < t. It is a square 
of side and so ix(X(t)) = It 2 . 

(b) Case r = 0, s = 1. Then is the circle of radius t/2, which has area nt 2 /4. 

Lemma 4.25 Leta\,...,a n be positive real numbers. Then 

(n«0 1/n <£»/«; 

equivaient7y, 

n«/ <(E ««■ )"/»"• 

(The geometric mean is less than or equal to the arithmetic mean.) 

PROOF. See any good course on advanced calculus. □ 
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Finiteness of the class number 

Let K be a number field of degree n over Q. Suppose that K has r real embeddings 
{oi, . . . , oy } and 2s complex embedding {o>+i ,tr r +i» . . . , oy+s , cr,^}. Thus n = r + 2s. 
We have an embedding 

a: K ^ R r x C s , a \-> (aia,. . . ,a r + s a). 
We identify K = W x with W using the basis { 1 , i } for C. 

Proposition 4.26 Let a be an idea] in 0^; then a(a) is a fuii lattice in V, and the volume 
of a fundamental parallelopiped of a (o) is 2~ s ■ No ■ | Ak \ 5 ■ 

Proof. Let a\,...,a n be a basis for a as a Z-module. To prove that a(a) is a lattice 
we show that the vectors o(a\),.. .,a(a n ) are linearly independent, and we prove this by 
showing that the matrix A, whose ith row is 

(ai(ai),...,Or(cci),$i((rr+m),%(<Tr+m),---) 

has nonzero determinant. 

First consider the matrix B whose z'th row is 



(ai (ai), . . . ,a r (ai),a r +i(ai),a r+ i(oii), . . . ,cr r+ s(ai)). 

We saw in (2.26) that det(S) 2 = disc(ai, . . . ,a n ) ^ 0. 

What is the relation between the determinants of A and Bl Add column r + 2 in B 
to column r + 1, and then subtract 1/2 column r + 1 from column r + 2. This gives us 
29}(oy+i(o!/)) in column r + 1 and — /3(o>+i (a,)) in column r + 2. Repeat for the other 
pairs of columns. These column operations don't change the determinant of B, and so 

det(fi) = (-20'detL4), 

or 

detL4) = (-20"'det(S) = ±(-2/)-*disc(ai, . . . ,a n ) 1/2 ^ 0. 

Thus a (a) is a lattice in V. 

Since a (a) = J]" =1 Za(a, ), the volume of a fundamental parallelopiped D for ct(o) is 
| det(^4)|, and from (2.25) we know that 

|disc(ai,...,a„)| = (O k : a) 2 ■ |disc(C^/Z)|. 

Hence 

fi(D) = 2~' s -|disc(Q!i,...,Q!„)|2 = 2" 1? -Na-|Z\ jS :|2. D 

Proposition 4.27 Let a be an ideal in Ok- Then a contains a nonzero element a of K 
with s 

\Nm(a)\<B K -m=(-) ^Ncl^jcli 
\7t ) n n 
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PROOF. Let X{t) be as in (4.22), and let D be a fundamental domain for the lattice a(o). 
The set X(t) is compact convex and symmetric in the origin, and so, when we choose t 
so large that fi(X(t)) > 2" • i-i(D), Minkowski's Theorem shows that X(t) contains a point 
o(a) ^ of a(o). For this a e a, 

|Nm(a)| = |CTi(a)|---|a r (a)||a r+ i(a)| 2 ---|a r+5 (a)| 2 

< (J2WiC(\ + J2 2 \ ar i a \) n / nn (by 4.25) 
<t n /n n . 



In order to have li{X{t)) > 2 n ■ jU-(D), we need (see 4.22, 4.26) 
2 r (7z/2) s t n /n\ >2 n -2~ s -Na-\A K \K 

i.e., 

2 n ~ r i 
t n >n\ Na-|Z\^|3. 

When we take t" to equal the expression on the right, we find that 

, n\ 2 n ~ r ,i 
Nmo <- ■ — -Na- ^ 2. 

n" n s 

As n — r = 2s, this is the required formula. □ 

Proof (of Theorem 4.3) Let c be a fractional ideal in K — we have to show that the 
class of c in the ideal class group is represented by an integral ideal a with 

„ def «! /4V U .1 

Na = — - \A K \2. 
n n \n ) 

For some d e K x , dc~ l is an integral ideal, say (d) ■ c _1 = b. According to the result just 
proved, there is a € b, /3 ^ 0, with 

|Nm(0)| < B K -Nb. 

Now /30k C b =>■ = ab with a integral, and a ~ b _1 ~ c. Moreover, 

Na-Nb = |Nm^/Q^| < B K -Nb. 

On cancelling Nb, we find that Na < Bk- □ 

Remark 4.28 Proposition 4.27 can be useful in deciding whether an integral ideal is prin- 
cipal. 



Binary quadratic forms 

Gauss studied binary quadratic forms, and even defined a product for them. This work 
was greatly clarified when Kummer and Dedekind defined ideals, and it was realized that 
Gauss's results were related to the ideal class groups of quadratic number fields. Here I 
briefly explain the connection. 
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By a binary quadratic form we mean an expression of the form 

Q(X,Y) = aX 2 + bXY + cY 2 . 

We call the form integral if Q(m,n) is an integer whenever m and n are integers, or, equiv- 
alently, if a, b, c el*. The discriminant of Q is 

dQ = b 2 — 4ac. 

A form is said to be nondegenerate if its discriminant is nonzero. Two integral binary 
quadratic forms Q and Q' are said to be equivalent if there exists a matrix A = ( " ^ ^ € 
SL 2 (Z) such that 

= Q(aX + pY,yX + 8Y). 

Clearly, equivalent forms have the same discriminant, but there exist inequivalent forms 
with the same discriminant. The question considered by Gauss was to try to describe the 
set of equivalence classes of forms with a fixed discriminant. 

Let d ^ 1 be a square-free integer, let K = Q[Va], and let d^ = disc(Ox:/Z). Define 
the norm form q% by 

q K {X,Y) = Nm K/Q (X + Y«/d) = X 2 - dY 2 , \f d = 2,3 mod4 

or 

qK (X,Y)=Nm K/Q (X + Y±±fi) = X 2 + XY + ^Y 2 , if d = 1 mod 4. 



In both cases qg has discriminant dg (— Ad or d). 

In general, if Q is an integral binary quadratic form, then dQ = dgf 2 , some integer 
/, where K — Q[*/f/g]. Moreover, if dQ = dx, then Q is primitive, i.e., gcd(a,^,c) = 1. 
Fix a field K = t Q[\fd] and an embedding K C. We choose to be positive if 
> 0, and to have positive imaginary part if d is negative. Set y/d~K = 2\[d or yfd. Write 
Gal(^/Q) = {l,a}. If d < 0, define Cl + (/:) = Cl(^) (usual class group of A - ) and if 
d > 0, define 

Cl+(X) = Id(i«:)/P + (iO 

where P + is the group of principal ideals of the form (a) with a > under every 
embedding of K into R. 

Let o be a fractional ideal in K, and let a\,ai be a basis for o as a Z-module. From 
(2.25) we know that 



2 



After possibly reordering the pair a\ we will have 



OCl\ OCl2 



d K na. 



For such a pair, define 



Q ai ,a 2 (X,Y) = Na- l -Nm K/Q ( ai X + a2Y). 
This is an integral binary quadratic form with discriminant d^. 
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Theorem 4.29 The equivalence class of Q a \,a 2 C^> Y) depends only on the image of a in 
moreover, the map sending a to the equivalence class of Qa x ,a 2 defines a bijec- 
tion from C1 + (K) to the set of equivalence classes of integral binary quadratic forms with 
discriminant d^- 

PROOF. See Frohlich and Taylor 1991, VII.2 (and elsewhere). □ 

In particular, the set of equivalence classes is finite, and has the structure of an abelian 
group. This was known to Gauss, even though groups had not yet been defined. (Gauss 
even knew it was a direct sum of cyclic groups.) 

Aside 4.30 Write hd for the class number of Q[*Jd], d a square-free integer 7^ 1. In modern 
terminology, Gauss conjectured that, for a fixed h, there are only finitely many negative d such that 
hd = h. (Actually, because of a difference of terminology, this is not quite what Gauss conjectured.) 
In 1935, Siegel showed that, for every e > 0, there exists a constant c > such that 

hd > c\d\?~ E , d <0. 

This proves Gauss's conjecture. Unfortunately, the c in Siegel's theorem is not effectively com- 
putable, and so Siegel's theorem gives no way of computing the ds for a given h. 

In 1951, Tatuzawa showed that Siegel's theorem is true with an effectively computable c except 
for at most one exceptional d . 

It is easy to show that h d = 1 for -d = 1,2,3,7, 11, 19,43,67, 163 (exercise!). Thus in 1951 
it was known that there exist these 9 quadratic imaginary number fields with class number 1, and 
possibly 1 more. 

In 1952 Heegner proved that there was no 10th such field, but his proof was not recognized to 
be correct until 1969 (by Deuring and Stark). In the interim, Baker (1966), Stark (1966), and Siegel 
(1968) had found proofs. 

More recently (1983), Goldfeld, Gross, and Zagier showed, using completely different methods 
from Siegel, that there is an effective procedure for finding all d < with hd equal to a given h. For 
an expository article on this, see Goldfeld, Bull. Amer. Math. Soc. 13 (1985), 23-37. 

By way of contrast, it is conjectured that there are infinitely many real quadratic fields with class 
number 1, but this has not been proved. 

Notes Fermat stated, and probably proved, the three statements in Exercise 3-3. However, for 5 
he could only state the following conjecture: 

If two primes are of the form 20k + 3 or 20k + 7, then their product is of the form 
x 2 + 5y 2 . 

The fact that this statement is more complicated than it is for 1, 2, or 3 was the first indication that 
the arithmetic of the ring of integers in Q[V^5] is more complicated than it is in the fields with 
smaller discriminant. Lagrange found an explanation for Fermat's statements by showing that all 
binary quadratic forms of discriminant —4 are equivalent, and similarly for discriminants —8 and 
—12, but that the forms of discriminant —20 fall into two equivalence classes. Dedekind was able to 
interprete this as showing that Q[V— 5] has class number 2. 

Exercises 

4-1 Give an example of an integral domain B, a nonzero prime ideal p in B, and a subring 
A of B such that p n A = 0. (Note that this can't happen if B is integral over A — see the 
paragraph preceding 3.30.) 
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4-2 Let F C K C L be a sequence of number fields, and let A C B C C be their rings of 
integers. If and *^|p (prime ideals in C , B, and A respectively), show that 

e (a/*p).*cp/p) = eCQ/p), /COT) -/(Wp) = 

4-3 Let K = Q[a] where a is a root of X 3 + X + I (see 2.37). According to (3.34), what 
are the possible ways that (p) can factor in Ok as a product of prime ideals. Which of these 
possibilities actually occur? (Illustrate by examples.) 

4-4 Show that Q[V— 23] has class number 3, and that Q[V— 47] has class number 5. 

4-5 Let K be an algebraic number field. Prove that there is a finite extension L of K 
such that every ideal in Ok becomes principal in Oj_ . [Hint: Use the finiteness of the class 
number.] 

4-6 Let K = Q[a] where a is a root of X 3 - X + 2. Show that O k = Z[a] and that K 
has class number 1 . [One approach is to consider the square factors of the discriminant of 
X 3 — X + 2, and show that ^(a + ba + ca 2 ) is an algebraic integer if and only if a, b, and 
c are all even, but you may be able to find a better one.] 

4-7 Let K = Q[V-f, V5\. Show that O k = kt fil Show that the only primes 

(in Z) that ramify in K are 2 and 5, and that their ramification indexes are both 2. Deduce 
that K is unramified over Q[v— 5]. Prove that Q[V^5] has class number 2, and deduce 
that K is the Hilbert class field of Q[V=5]. (Cf. 4.11.) 
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In this section we prove the second main theorem of the course. 

Statement of the theorem 

Recall that a finitely generated abelian group A is isomorphic to ^ tors © ll for some t where 
^4 to rs is the (finite) subgroup of torsion elements of A (i.e., of elements of finite order). The 
number t is uniquely determined by A, and is called the rank of A. 

As before, we write r for the number of real embeddings of a number field K and 2s 
for the number of nonreal complex embeddings. Thus 

and r + 2s = [K: Q]. Moreover, if K = Q[a], then r is the number of real conjugates of a 
and 2s is the number of nonreal complex conjugates. 

THEOREM 5 . 1 The group of units in a number field K is finitely generated with rank equal 
tor + s—l. 

For example, for a real quadratic field, the rank is 2 + 0— 1 = 1, and for an imaginary 
quadratic field it is + 1 — 1 = 0. 

The theorem is usually referred to as the "Dirichlet Unit Theorem" although Dirichlet 
proved it for rings of the form Z[a] rather than Ok- 

Write Uk (= O k ) for the group of units in K. The torsion subgroup of Uk is the group 
l^(K) of roots of 1 in K. 

A set of units Mi,. . . ,u r + s -\ is called & fundamental system of units if it forms a basis 
for Uk modulo torsion, i.e., if every unit u can be written uniquely in the form 

u = fr? 1 —u^+Lf , £€ii(K), mi eZ. 

The theorem implies that /i(K) is finite (and hence cyclic). As we now explain, this 
can be proved directly. In Chapter 7, we shall see that, if t, m is a primitive mth root of 
1, then Q[£] is a Galois extension of Q with Galois group isomorphic to (Z/mZ) x . If 
m = Y[ is the factorization of m into powers of distinct primes, then Z/ rnL ~Y[Z/ p r . 1 Z 
by the Chinese remainder theorem, and so (Z/ mZ) x ~ fj (Z/ p^ 1 Z) x . As the nonunits of 
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Z/ /?['Z are exactly the elements divisible by p, and there are of these, we see that 

|(Z/ j p[' Z) x | = p?- l (pi - 1), and so 

|(Z/mZ) x | = nP?~\Pi ~ 1) = <K™)- 

Since 

Qttm] C * p0»)|[* : Q], 
the field ^ can contain only finitely many t, m . 

Lemma 5 . 2 An element a e K is a unit if and only if a e 0^ and Nm^ /q a = ± 1 . 
PROOF. If a is a unit, then there is a p" € 0# such that ap" = 1, and then Nm(a) and Nm(^) 
lie in Z and 1 = Nm(a/3) = Nm(a) -Nm(y8). Hence Nma e Z x = {±1}. 

For the converse, fix an embedding oq of K into C, and use it to identify K with a 
subfield of C. Recall (2.20) that 

Nm(a)= |~| aa = a • PJ era. 

Let fi = \\ a _£ act. If a e Ok, then p 1 is an algebraic integer. If Nm(a) = ±1, then 
p" = ±a _1 and so belongs to K. Therefore, if a satisfies both conditions, it has an inverse 
±/3 in Ok, and so is a unit. □ 

For all real fields, i.e., fields with an embedding into M, = {±1}; for "most" 

nonreal fields, this is also true. 

Example 5.3 Let K be a quadratic field Q[Vd]. Then Ok = {m + n*fd \ m,n e Z} or 
{m + n(l + Va)/2 | m,n e Z}. In the two cases, the units in 0^ are the solutions to the 
equations 

m 2 — n 2 d = ±1, or 
(2m + n) 2 -dn 2 = ±4. 

When <i < 0, these equations (obviously) have only finitely many solutions, and so Lfc = 
li(K). Note that £ m lies in a quadratic field if and only if (p(m) < 2. This happens only for 
m dividing 4 or 6. Thus ijl(K) = {±1} except for the following fields: 
Q[i], fi(K) = {±l,±i}; 

Q[V=3], /x(^) = {±l,±p, ±p 2 }, with p = (1 + V /= 3)/2). 
When <i > 0, the theorem shows that there are infinitely many solutions, and that Uk = ±m z 
for some element u (called the fundamental unit). As Cohn (1978 1 ) puts it, "the actual 
computation of quadratic units lies in the realm of popularized elementary number theory, 
including devices such as continued fractions." The method is surprisingly effective, and 
yields some remarkably large numbers — see later. 

Example 5.4 Let K = Q[a], where a is a root of X 3 + 10X + 1. We know that the 
discriminant Ak = —4027. Since sign(Z\j^) = (— l) s and r + 2s = 3, we must have r = 
1 = s. From its minimum equation, we see that Nm(of) = — 1, and so a is a unit. Clearly 
a is of infinite order, and later we shall show that it is a fundamental unit, and so Uk — 
{±a m | m € Z}. 

'Cohn, Harvey. A classical invitation to algebraic numbers and class fields. With two appendices by Olga 
Taussky: "Artin's 1932 Gottingen lectures on class field theory" and "Connections between algebraic number 
theory and integral matrices". Universitext. Springer- Verlag, New York-Heidelberg, 1978. xiii+328 pp. 
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Proof that Uk is finitely generated 

We first need an elementary result. 

Proposition 5.5 For any integers m and M, the set of all algebraic integers a such that 

o the degree of a is < m, and 

o \a'\ < M for all conjugates a 1 of a 

is Unite. 

PROOF. The first condition says that a is a root of a monic irreducible polynomial of degree 
< m, and the second condition implies that the coefficients of the polynomial are bounded 
in terms of M . Since the coefficients are integers, there are only finitely many such poly- 
nomials, and hence only finitely many as. □ 

Corollary 5.6 An algebraic integer a, all of whose conjugates in C have absolute value 
1, is a root of I. 

PROOF. According to the proposition, the set {1, a, a 2 ,...} is finite. □ 

Remark 5.7 It is essential to require a to be an algebraic integer. For example, a = 
(3 + 4/)/5 and its conjugate both have absolute value 1, as do their powers, but the set 
{I, a, a 2 ,. . .} is not finite. 

Recall that we previously considered the map 

a: K —^R 1 " xC s , a h> {o\a., . . . ,a r a,a r -\-ia, . . .,a r + s a) 

where {o\, . . . ,a r ,oy+i,oy+i, . . . ,o>+s ,d r + s } is the complete set of embeddings of K into 
C. It takes sums to sums. Now we want a map that takes products to sums, and so we take 
logarithms. Thus we consider the map: 

L : K x — > M. r+S , a \-> (log |cri« | , . . . ,log|o>a|,log |o>+ia|, . . . ,log lov+^al). 

It is a homomorphism. If u is a unit in Ok, then Nrn^/Q u = ±1, and so 

\aiu\---\a r u\\a r j r \u\ 2 ■■■\o r j rS u\ 2 = 1. 

On taking logs, we see that L(u) is contained in the hyperplane 

H : x\ H h x r + 2x r+ i H h 2x r+s = 0. 

Dropping the last coordinate defines an isomorphism H m M. r+S ~ 1 . 

Proposition 5.8 The image ofL:U H is a lattice in H, and the kernel of L is a finite 
group (hence is fi(K)). 

PROOF. Let C be a bounded subset of H containing 0, say 

C C{xeH | \xi\ <M}. 

If L(u) e C, then \oju\ < e M for all j, and Proposition 5.5 implies that there are only 
finitely many such us. Thus L(U) H C is finite, and this implies that L(U) is a lattice in H 
(by 4.15). If a is in the kernel of L, then \aia\ — 1 for all i, and so the kernel is finite by 
Proposition 5.5. □ 

Since the kernel of L is finite, we have 

rank([/) = rank(L(C/)) < dim// = r + s - 1. 
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Computation of the rank 

We now prove the unit theorem. 

Theorem 5 . 9 The image L(U)ofUinHisa full lattice; thus U has rank r + s — 1 . 

PROOF. To prove the theorem, we have to find a way to construct units. We work again 
with the embedding 

a:K^R r xC s ^R r+2s . 
For x = (x%, ,,„x r ,x r +i, ...) el r xC s , define 

Nm(x) = X\---X r •X r +i-Xr+\'"X r +s'Xr+s- 

Then Nm(a(a)) = Nm(a). Note that |Nm(x)| = \x\ \ ■ ■ ■ \x r ||x r +i | 2 •• • \x r +s \ 2 ■ 

Recall from (4.26), that a {Ok) is a full lattice in W x C s , and the volume of its funda- 
mental parallelopiped is 2~ s ■ \ A | 2 ; in more detail, if a\ , . . . , a n is a Z-basis for Ok , then 
we showed that the absolute value of the determinant of the matrix whose ith row is 

a (or,- ) = (cti (a t ),..., Sfi (o r+ 1 (a,- )), S(o>+i (a/)) , . . .) 

is 2~ s ■ \A\5. In fact, we showed that we could get this matrix from the matrix whose ith 
row is 

(<Tl (a; ),..., oy+i (at), a r+ i(o?/ ),...) 

by some elementary column operations that multiplied the absolute value of the determinant 
by 2~ s , and we know that the determinant of the second matrix is ± | A \ 2 . 
In the rest of the proof, x will be a point of W x C s with 

1/2 < |Nm(x)| < 1. 

Define 

x-o(Ok) = {x-o(a) I a e O k }- 

Since W x C s is a ring, this product makes sense. This is again a lattice in M'' xC 1 , and the 
volume of its fundamental parallelopiped is the determinant of the matrix whose ith row is 

(x x oi (a, ), . . . , !H(x r+ ia r+ i (at)), %(x r+ ia r+ i (a,-)). . . .). 

As before, the absolute value of the determinant of this matrix is 2~ s times the absolute 
value of the determinant of the matrix whose ith row is 

(X\Cf\{<Xi) X r +1 • <Xr+l («/), X r -|-i-a r -|-i (a/),...), 

which is 

|Zi|5-|Nm(x)|. 

Therefore x-o{Ok) is a lattice with 2~ s \ A \ 2 1 Nm(x) | as the volume of its fundamental 
domain. Note that as x ranges over our set these volumes remain bounded. 

Let T be a compact convex subset of W x C s , which is symmetric in the origin, and 
whose volume is so large that, for every x in the above set, Minkowski's theorem (4.19) 
implies there is a point y of Ok, y ^ 0, such that x-a(y) € T. The points of T have 
bounded coordinates, and hence bounded norms, and so 

x-o-(y) e T =>■ |Nm(x-a(y))| < M, 
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for some M (depending onT); thus 

|Nm(y)| < M/Nm(x) < 2M. 

Consider the set of ideals y ■ Ok, where y runs through the y 's in Ok for which x • a(y) e T 
for some x in our set. The norm N of such an ideal is < 2M , and so there can only be finitely 
many such ideals, say y\ - Ok-, - --,Yt '@K- Now if y is any element of Ok with x-o(y) € T, 
some x, then y ■ Ok = Yi • Ok for some i , and so there exists a unit e such that y = yi ■ e. 
Then x • a(s) e o(y~ l ) ■ T . The set T = <7(yj~ l ) • T U ... U <r(y f -1 ) ■ T is bounded, and so 
we have shown that, for each x in our set there exists a unit e such that the coordinates of 
x ■ a(e) are bounded uniformly in x (the set T doesn't depend on x). 

We are now ready to prove that L(U) is a full lattice in H . If r + s — 1 = 0, there is 
nothing to prove, and so we assume r + s — 1 > 1 . 

For each i, 1 < i < r + s, we choose an x in our set such that all the coordinates of x 
except Xj are very large (compared with T'), and xi is sufficiently small that |Nmx| = 1. 
We know that there exists a unit e,- such that x-a(sj) has bounded coordinates, and we 
deduce that |o/£; | < 1 for j ^ i, and hence that log \ojSj | < 0. 

I claim that .,„L(e r + s -i) w& linearly independent vectors in the lattice L(U). 

For this we have to prove that the matrix whose i th row is 

(h(si),...,l r+s -i(si)), / ; (e) = log|a,-e|, 

is invertible. The elements of the matrix except those on the diagonal are negative, but the 
sum 

h (Bi ) + - + lr+s-1 0* ) + Ir+s (Si ) = 0, 

and so the sum of the terms in the / th row 

/i(e/)H h/r+s-iOi) = -lr+s(£i) > 0. 

The next lemma implies that the matrix is invertible, and so completes the proof of Theorem 
5.9. □ 

Lemma 5.10 Let (a, 7 ) be a reai mxm matrix such that 

o ciij < for i 7^ j; 

o cijj > for i = 1,2, ...,m. 

Then {atj) is invertible. 

PROOF. If it isn't, then the system of equations 



J2 a 



ij Xj = i = 1 , . . . , m 



has a nontrivial solution. Write x\,...,x m for such a solution, and suppose /o is such that 
\xi Q | = max{|x/ 1}. We can scale the solution so that Xj = 1. Then \xj \ < 1 for j ^ z'o, and 
the z'oth equation gives a contradiction: 

= > ai Q jXj = a,- , + > a ioj x j — a ioh + y,;-t; a 'oJ > 0- 
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S -units 

Let S be a finite set of prime ideals of K, and define the ring of S-integers to be 
O k (S) = P| O p = {aeK\ ord p (a) > 0, all p £ 5}. 

For example, if 5 = 0, then 0^(5) = O k . 
Define the group of S -units, to be 

U(S) = K (S) X = {asK\ ordp(a) = 0, all p £ 5}. 

Clearly, the torsion subgroup of U(S) is again fi(K). 

Theorem 5.11 The group of S -units is finitely generated with rank r + s + #S — 1 . 
PROOF. Let pi,p2,---,pt be the elements of S. The homomorphism 

M^(...,ord P; (M),...):(7(5)^Z f 

has kernel U. To complete the proof, it suffices to show that the image of U(S) in 1} has 
rank t. Let h be the class number of K. Then p^ is principal, say p^ = (jTj), and tt; is an 
5 -unit with image 

(0, . . . ,h, . . . ,0) (h in the ith position). 
Clearly these elements generate a subgroup of rank t. □ 

For example, if K = <Q> and S = {(2), (3), (5)} then 

U(S) = {±2 k 3 m 5 n | k,m,n € Z}, 
and the statement is obvious in this case. 



Example: CM fields 

A number field is totally real if all of its embeddings in C lie in M, and it is totally imaginary 
if none of its embeddings in C lie in EL For example, K = Q[a] ~ Q[X]/ ( f) is totally real 
if all the roots of / are real, and it is totally imaginary if none of the roots of / are real. 

A CM field is a totally imaginary quadratic extension of a totally real field. Every such 
field can be obtained from a totally real field by adjoining the square root of an element all 
of whose real conjugates are negative. 

Let K be a CM field, which is a quadratic extension of the totally real field K + , and let 
2n = [K : Q]. Then K has In complex embeddings and K + has n real embeddings, and so 

rank(L^) = n — 1 = rank(U K +). 

Therefore, U K + has finite index in Uk- In fact, it is possible to prove more. 

Proposition 5.12 The index of [i (K) ■ U K + in Uk is either I or 2. 
PROOF. Let an-flbe the nontrivial automorphism of K fixing K + . Then p(a) = p(a) 
for all homomorphisms p:K C. In particular, for any a e Uk, all conjugates of a/a 
in C have absolute value 1, and so a/a e f^(K) (by 5.6). Consider the map Q'.Uk 
li(K) I 'fx(K) 2 determined by a v^-a/a. Clearly is a homomorphism. Suppose u lies in its 
kernel, so that u/u = £ 2 for some £ e H-(K). Then ut,/ut, = 1, and so ut, e K + . It follows 
that u e fi(K) ■ U K +- Conversely, if u = £ ■ u + e [i(K) ■ U K +, then u/u = £ 2 6 Ker(</>). 
We have shown that Ker(</>) = fx{K) ■ U K +- As pi(K) / (a(K) 2 has order 2, this completes 
the proof. □ 
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Example: real quadratic fields 

An expression 

a H 



a\ + 



1 

a 2 + 



a 3 + ••• 

is called a continued fraction. We abbreviate the expression on the right as 

[a ,ai,a 2 ,...]. 

We shall always assume that the a,- are integers with a\ > 0, ai > The integers a, are 

called the quotients, and [ao,fli, is called the «th convergent. Every irrational num- 

ber a can be expressed in just one way as an infinite continued fraction, and the continued 
fraction is periodic if and only if a has degree 2 over Q. (See any book on elementary num- 
ber theory, for example, Hardy, G. H., and Wright, E. M., An Introduction to the Theory of 
Numbers, Oxford Univ. Press, 1960 (4th edition), Chapter X.) 

Now let d be a square-free positive integer, and let e be the (unique) fundamental unit 
for Q[Va] with s > 1. Let s be the period of the continued fraction for \fd and let p/q be 
the (s — l)th convergent of it; then 

s = p + qVd if d = 2,3 mod 4, or d = 1 mod 8, 

and 

£ = p + q *fd or £ 3 = p + q Vd otherwise. 

Using a computer algebra program, it is very easy to carry this out, and one obtains some 
spectacularly large numbers. 

For example, to find the fundamental unit in Q[ y / 94f, first compute ^/94 = 9. 6954 . . .. 
Then compute the continued fraction of V94. One gets 

{9,1,2,3,1,1,5,1,8,1,5,1,1,3,2,1,18,1,2,3,...}. 

This suggests the period is 1 6. Now evaluate the 1 5th convergent. One gets 

2143295 



221064 

Hence the fundamental unit > 1 is 



s = 2143295 + 221064- V94 



Compute that 

(2143295) 2 - (221064) 2 ■ 94 = 1, 

which verifies that £ is a unit. 

When one carries out this procedure for Q[^9199], the first coefficient of the funda- 
mental unit has 88 digits! The computer has no problem finding the fundamental unit — 
the only problem is counting the length of the period, which is about 1 80. 
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Example: cubic fields with negative discriminant 

Since the sign of the discriminant is (—l) s (see 2.40), a cubic field K will have negative 
discriminant if and only if r = 1 = s. We identify K with a subfield of R using its unique 
real embedding. We have A < 0, and the group of units is {±e m } for some e (fundamental 
unit). We want to find s. Since — s, — e , and e _1 are also fundamental units, we may 
suppose that e > 1 . 

Lemma 5.13 Let K be a cubic extension of Q with negative discriminant, and let e be the 
fundamental unit with e > 1 . Then 

\A K \ <4e 3 + 24. 

PROOF. Since s Q, it must generate K. The two conjugates of e (other than e itself) must 
be complex conjugates, and so the product of e with its conjugates must be + 1 (rather than 
— 1). Write e = u 2 ,«el,i/>l. Then the remaining conjugates of £ can be written 

u~y e , u~ l e~ ie (O<0<tt). 

Let A' = D(\,e,s 2 ) be the discriminant of the minimum equation of e. Then 

A'? = (u 2 - u~ l e i6 ){u 2 - u~ l e- ie ){u~ l e ie - u~ l e~ ie ) = 2i(u 3 + u~ 3 - 2cos(9) sin#. 

If we set 2% = u 3 + u -3 , then 

\A r \$ = 4(£ - cos 6) sine, 
which, for a given u, has a maximum where 

£cos6>-cos 2 6> + sin 2 # = 0, 

or 

-g(x) = % x -2x 2 + \ = 0, |jc| < 1, x = cos#. 

We seek a root of g(x) with \x\ < 1. But g(l) = 1 — £ < (because u > 1 implies £ = 
" 3 ~"~ 3 > l).andg(-A) = !(u" 6 -l) <0. Since g(jc) = 2x 2 + ■■■, it follows g(x) has 
one root > 1, and that the desired root xo, with |xo| < 1, is < — . But then 

x 2 > — M " 6 - 4x 2 < => w" 6 - 4xq 2 - 4x^ < 0. (13) 
This maximum yields 

\A'\ < 16(f 2 -2^x + x 2 )(l-x 2 ), 

and, on applying the conditions £xo = 2xq — 1, £ 2 Xq = 4xq — 4x 2 + 1, and the inequality 
(13) we find that 

\A'\ < 16(£ 2 + l-x 2 -x^) = 4m 6 + 24 + 4(m" 6 -4x 2 -4x^) <4m 6 + 24. 

Hence 

\A'\ <4e 3 + 24. 

Since A' = Ak • (square of an integer), this completes the proof. □ 
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Example 5.14 Let K = Q[a] where a is a real root of X 3 + 10X + 1. Here the discrim- 
inant is -4027, and so e > ^/ 402 ^~ 24 > 10 for s the fundamental unit with s > 1. Note 

that Nm(a) = —1, and so a is a unit. Moreover, a = —0.0999003... and so = —a~ l = 
10.00998.... Since fi is a power of e, we must have ft = s; i.e., —a -1 is the fundamental 
unit > 1 . Thus 

U K = {±a m | m € Z}. 

Once one knows e, it becomes easier to compute the class group. We know (see 3.48) 
that there is a prime ideal p = (2, 1 + a) such that N(p) = 2. One shows that p generates 
the class group, and it then remains to find the order of p. One verifies that p 6 is the ideal 
generated by ^ a ~_^\ , and so it remains to show that p 2 and p 3 are nonprincipal. 

Suppose p 3 = (y). Then y 2 = ±a m • f° r some m and choice of signs. But this 

says that at least one of the numbers 5^5, — a fri> ~ a ark * s a sc l uare - Let /3 be that 
number. If q is a prime ideal such that j3eO fl (i.e., such that ord q (/3) > 0), then we can 
look at fi mod q and ask if it is a square. 
We first work modulo 29. We have 

X 3 + 10X + 1 = (X + 5)(X-3)(X-2) mod 29. 

Take q to be the ideal (29, a — 2). The residue field Oj^/q is F29 = Z/(29), and the map 
Z[a] -+ ¥ 2 g is a 2 (mod 29). Thus 

ck-1i->1, a + 2i-^4, (a + 2) _1 22, -1h^-1. 

The numbers 1, 4, and —1 = 12 2 are squares modulo 29, but 22 is not; hence m must be 0. 
Since < it can't be a square in K (since it isn't even in M), and so the only possibility 
for (3 is — §xf . We eliminate this by looking mod 7. 

Take q = (7, a + 3) (see 3.48). Then in the map Z[a] Z[a]/q = F 7 , 

a-l -3 1 

oc 1— ^ — 3 — 4, h-> — = — = —4 = 3 mod 7, 

a + 2 6 2 

and 3 is not a square modulo 7. Thus — is not a square in Q[a]. 

Similarly, p 2 = (y) can be shown to be impossible. Thus Cl(Ojt) is a cyclic group of 
order 6. 

Finding /x(X) 

As we noted eariler, if Q[£/n] C K, where ^ m is a primitive mth root of 1, then (p(m)\[K: Q]. 
Thus there are only finitely many possibilities for m. For each of them, use the test in the 
later section on algorithms to determine whether the minimum polynomial & m for £ m has 
a root in K. 

Finding a system of fundamental units 

One strategy for finding units in the general case seems to be to find lots of solutions to 
equations Nm(a) = m for m a fixed small number, and then take quotients of solutions. 
Note that there can be only finitely many ideals a with N(o) = m; thus if we have lots of 
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elements a,- with Nm(a, ) = m, then frequently a, ■ Ok = otj ■ Ok, and this implies that a,- 
and oij differ by a unit — note that this was the strategy used to prove the unit theorem. See 
Pohst and Zassenhaus 1989, Chapter 5. 

Regulators 

There is one other important invariant that we should define. Let t = r + s — 1 , and let 
U\, ...,Ut be a system of fundamental units. Then the vectors 

L(ui) = (log|CTiw,:|,...,log|a r M,|,2-log|a r+ iM/|,...,21og|a f u ; |) e M.' 

generate the lattice L(U) in W. The regulator is defined to be determinant of the matrix 
whose ith row is L(u ; ). Thus, up to sign, the regulator is the volume of a fundamental 
domain for L(U) (regarded as a full lattice in W). 2 

The regulator plays the same role for the group of units (mod torsion) that the dis- 
criminant plays for Ok- One can similarly define the regulator of any set {s\,...,s t } of 
independent units, and the index of the group generated by the £, and fx{K) in the full 
group of units is measured by ratio 

|Reg(ei,...,e,)|/|Reg(tO|. 

There are lower bounds for the regulator (see Pohst and Zassenhaus 1989, p 365) similar 
to the one we proved for a cubic field with one real embedding. 

For an algorithm that computes the class group, regulator, and fundamental units of a 
general number field, but which requires the generalized Riemann hypothesis to prove its 
correctness, see Cohen 1993, Algorithm 6.5.9. 

Notes To find the units in Q[*/d], d > 0, one has to solve certain diophantine equations (see 5.3), 
whose study has a long history. Theorem 5.1 was proved by Dirichlet (1840, 1846) 3 only for rings 
of the form Z[a] because, at the time, a definition of Ok was lacking. However, his proof extends 
easily to O k (and to O k (S)). 

Exercises 

5-1 Fix an m and M. Is it necessarily true that the set of algebraic integers a in C of 
degree < m and with \a\ < M is finite? [Either prove, or give a counterexample.] 

5-2 Find a fundamental unit for the field Q[y67]. 

5-3 Let a be an element of a number field K. Does Nm^/Q(a) = ± 1 imply that a is unit 
in Ok- [Either prove, or give a counterexample.] 



2 Kwangho Choiy writes: in the definition of regulators, I think that L(itj) may have to be more precise, 
i.e., we can make sure about the index of a. But the definition in the notes is still correct. 

3 Dirichlet, P. G. Lejeune-, Sur la theorie des nombres, C. R. Acad. Sci. Paris 10 (1840), 285-288. Dirichlet, 
P. G. Lejeune-, Zur Theorie der complexen Einheiten. Verhandl. Preuss. Akad. Wiss. (1846), 103-107. 
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Cyclotomic Extensions; Fermat's 

Last Theorem. 

The cyclotomic 1 extensions of Q are those generated by a root of 1. They provide interest- 
ing examples of the theory we have developed, but, more significantly, they have important 
applications, for example, to Fermat's last theorem and to the existence of reciprocity laws 
(more generally, to class field theory itself). 

The basic results 

An element £ of a field K is said to be a primitive nth root of 1 if f " = 1 but t, d ^ 1 for any 
d <n, i.e., if £ is an element of order n in K x . For example, the nth roots of 1 in C are the 
numbers e 2nim l n ^ o < m < n — 1, and the next lemma shows that e 2jtim ^ n is a primitive 
«th root of 1 if and only if m is relatively prime to n. 

Lemma 6. 1 Let £ he a primitive nth root of 1. Then t, m is again a primitive nth root of 1 
if and only if m is relatively prime to n . 

PROOF. This is a consequence of a more general fact: if a is an element of order n in a 
group, then a m is also of order n if and only if m is relatively prime to n. Here is the proof. 
If d\m,n, then (a m )d = a n ~d = 1. Conversely, if m and n are relatively prime, then there 
are integers a and b such that 

am + bn = 1. 

Now a am = a and so (a m ) d = 1 =>■ a d = (a am ) d = 1 ^n\d. □ 

Let K = Q[£], where £ is a primitive «th root of 1. Then K is the splitting field of 
X" — 1, and so it is Galois over Q. Let G = Gal(Q[£]/Q). It permutes the set of primitive 
«th roots of 1 in A', and so, for any a e G, at, = t, m for some integer m relatively prime to 
n; moreover, m is well-defined modulo n. The map a h-> [m] is an injective homomorphism 
G (Z/«Z) X . In FT, 5.9, 5.10, it is proved that this map is an isomorphism, and so 

def 

[K : Q] = <p(ri) = #(Z/n'Ij) x . We shall give another proof, and at the same time obtain 
many results concerning the arithmetic of Q[£]. 

'The name cyclotomic (circle-dividing) derives from the fact that the nth roots of 1 are evenly spaced 
around the unit circle. 
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6. Cyclotomic Extensions; Fermat's Last Theorem. 



The cyclotomic polynomial 0„ is defined to be, 

n (x) = Y\(x-n 

where the product runs over a set of representatives m for the elements of (Z/«Z) X , for 
example, over the integers m, < m < n — 1, relatively prime to n. Equivalently, 

n {X) = \\{X-?) 

where £' runs over the primitive nth roots of 1. Because G permutes the £" ', 0„ (X) e Q[X], 
and clearly 0„ (£) = 0. Therefore, n (X) is the minimum polynomial of £ if and only if it 
is irreducible, in which case [K : Q] = (p(n) and the map G -> (Z/nZ) x is an isomorphism. 
Hence the following statements are equivalent: 

(a) the map Gal(Q[£]/Q) (Z/nZ) x is an isomorphism; 

(b) [Q[f] : Q] = <p(n); 

(c) Gal(Q[£]/Q) acts transitively on the set of primitive nth roots of 1 (i.e., they are 
conjugates); 

(d) n (X) is irreducible (and so n (X) is the minimum polynomial of £). 
We shall see that all these statements are true. 

Note that each nth root of 1 is a primitive dth root of 1 for exactly one d \n, and so 
X n -l = Y[0 d (X) = (X-\)...0 n (X). 

d\n 

To find the nth cyclotomic polynomial, type "polcyclo(n,X)" in PARI. For example, 

3 (X) = X 2 + X + l 
4 (X) = X 2 + 1 
6 (X) = X 2 -X + \ 
l2 (X) = X 4 -X 2 + l 

and 

X 12 - 1 = (X - l)(X + l)(X 2 + X + l)(X 2 + l)(X 2 -X + \){X A -X 2 + 1). 
We first examine a cyclotomic extension in the case that n is a power p r of a prime. 
Proposition 6.2 Let £ be a primitive p r th root of 1, and let K = Q[£]. 

(a) The field Q[£] is of degree (p(p r ) = p r ~ l (p — 1) over Q. 

(b) The ring of integers in Q[£] is Z[^]. 

def 

(c) The element n = 1 — £ is a prime element of Ok, and (/>) = (7r) e witn e = <p(p r ). 

(d) The discriminant of Ok over Z is ±/> c , some c (in fact, c = p r ~ l (pr — r — I)); 
therefore, p is the only prime to ramify in Q[£]. 

PROOF. Because £ is integral over Z, the ring Z[£] is contained in Ok- 

If £' is another primitive p r th root of 1, then £' = £ f and £ = £ /f for some integers 5 
and ? not divisible by p, and so Z[£'] = Z[£] and Q[£'] = Q[£]. Moreover, 

= l + £ + --- + ^ _1 eZ[f]. 
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Similarly, (1 - f)/(l - f ) € Z[£], and so (1 - £')/(! - t) is a unit in Z[£] (hence also in 
O k )- Note that 

XP'-l t p -\ , r-l 

^ (I) = ir'-i = 7T = 1+f+ " , + f ' ' = *' ' 

and so 

For its definition, we see that 



<P(P r ) 



with u a unit in Z[£]. Therefore we have an equality of ideals in Ok, 

(p) = (7zf, n = \-S, e = cp(p r ), (14) 

and so (p) has at least (p(p r ) prime factors in Ok- Now (3.34) implies that [Q[£] : Q] > 
(p(p r ). This proves (a) of the Proposition since we know [Q[£] : Q] < (p(p r ). 

Moreover we see that n must generate a prime ideal in Ok, otherwise, again, (p) would 
have too many prime-ideal factors. This completes the proof of (c). 

For future reference, we note that, in Ok, 

(p) = p^ r \ p = (n), f(p/p) = l. 

The last equality means that the map Z/ (p) — >• Ok /(it) is an isomorphism. 
We next show that (up to sign) disc(Z[£]/Z) is a power of p. Since 

disc(0^/Z) ■ (Ok : M\f = disc(Z[t]/Z) ( 

this will imply: 

(i) disc(C^/Z) is a power of p; 

(ii) (Ok '■ Z[£]) is a power of p, and therefore p M Ok C Z[£] for some M . 

To compute disc(Z[£]/Z), we shall use the formula in (2.34), which in our case reads: 

disc(Z[£]/Z) = ±Nm* /Q (*;,(£)). 
On differentiating the equation 

(X pr ~ l -l)-<P p r(X) = X pr -I 
and substituting t, for X, we find that = p r K pT ~ X I ~ 1)- Clearly 

Nm^/Q t, = ±1, Nm^/ = Q/)* ^ = ^ r >. 
We shall show that 

Nm z/Q (l-r ! ) = ±/, 0<s<r, 

and so 

Nm I/Q 0> (?) = ±p c , c = r(p- \)p r ~ x - p r ~ x = p r - l (pr - r- l). 
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First we compute Nmjt/Q(l — £)■ The minimum polynomial of 1 — £ is <fy (1 — X), 
which has constant term <Jy (1) = p, and so Nm^/Q(l — £) = ±p. 

We next compute Nrng- /q(1 — t, p ) some s < r. Because £ p? is a primitive /> r-,? th root 
of 1, the computation just made (with r replaced by r — 5) shows that 

Nm QB**]/Q(W') = ±^ 

Using that 

Nm^/jf = Nmi/jfoNm^i and Nmj/^a = a^ M: ' L ^ if a e L, 

we see that 

Nm* /Q (l - t, pS ) = ±p a where a = [Q[f] : Q[f*']] = <p{p r )/<p{p r ~ S ) = f ■ 

This completes the proof of (d). 

We are now ready to prove (b). As we observed above the inclusion Z Ok induces 
an isomorphism Z/ (/?) — »• Ok/(iz). In other words, 

0^ = Z + ;rO^, 

and so, certainly, 

O k = %[$] + 7tO K . 
On multiplying through by n, we obtain the equality 

TlO K = JlZ[i;] + 7T 2 K . 

Therefore, 

O k = Z[^] + jtZ[^] + k 2 O k 
= Ztf] + n 2 K . 

On repeating this argument, we find that 

K = m} + n m O K 
for all m > 1. Since n <p ^ pr ^ = p x (unit), this implies that 

0* = Z[t] + //"-0* 

for all m > 1. But for m large enough, we know that p m OK C Z[£], and so Z[£] = 0^. 
This completes the proof of (b). □ 

Remark 6.3 (a) The sign of the disc(Q[£]/Q), f any root of 1, can be computed most 
easily by using (2.40a). Clearly Q[£] has no real embeddings unless £ = ± 1 (and Q[£] = Q), 
and so, except for this case, 

sign(disc(Q[£]/Q)) = s = [Q[£] ■ Q]/2. 

If t, is a primitive //th root of 1, p r > 2, then 

[Q[r]:Q]/2 = (^-l)^- 1 /2 
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which is odd if and only if p r = 4 or p = 3 mod 4. 

(b) Let £ and £' be primitive //th and g^th roots of 1. If /? and g are distinct primes, 
then 

|nQ[n = Q, 



because if K C Q[£], then p ramifies totally in K and q does not, and if K C Q[£'], then g 
ramifies totally in ^ and p does not, and these are contradictory unless K = Q. 

Theorem 6.4 Let £ be a primitive n th root of 1 . 

(a) The field Q[£] is of degree (p(n) over Q. 

(b) The ring of integers in Q[£] is Z[£], and so 1, £, . . . , ^W -1 is an integral basis for 
Q [f j over Z. 

(c) If ramifies in Q[£] then /?|«; more precisely, ifn = p r -m with m relatively prime 
to p, then 

in Q[£] with the <P; distinct primes in Q[£]. 

PROOF. We use induction on the number of primes dividing «. Suppose that p\n, and 
write n = p r -m with m not divisible by />. We may assume the theorem for m. Note that 
^ p r = £ m is a primitive p r th root of 1, £ m = is a primitive mth root of 1, and that 
= Q[$y] ■ Q[U]- Consider the fields: 

Q[£] (pO)^ r ) = np^o 



P^ np« 




(/>) 

According to Proposition 6.2, (/>) ramifies totally in Q[£pr], say (p) — p v ^ p ''\ but 
is unramified in Q[£ OT ], say (p) = pi ■••p.? with the p ; - distinct primes. Because Q[£] 
is obtained from Q[£ m ] by adjoining ^ p r, its degree over Q[£m] is at most (p(p r ). It 
follows from Theorem 3.34 that pi---pj can become a (p(p r )th power in Q[£] only if 
[Q[f]:QKin]] = <P(P T ) and each prime p t ramifies totally in Q[f], say p/0 QB] = qjf 0,0 . 
Therefore, [Q[£] : Q] = (p(p r ) -(p(m) = p(n), and to complete the proof, it remains to show 
that = Z[£pr , £ m ] = Z[£]. This is accomplished by the next lemma, because the only 

primes that can divide the discriminant of CWf m ]/Z are the divisors of m (induction hy- 
pothesis and 3.35). □ 

Lemma 6.5 Let K and L be finite extensions of Q such that 

[KL:Q] = [K:Q]-[L:Q], 
and let d he the greatest common divisor of disc(C^/Z) and disc(C^/Z)). Then 

Ok-lCcI-'Ok-Ol. 
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PROOF. Let {ai , a m } and {f}\ , ...,fi n } be integral bases for K and L respectively. Then 
oiifij is a basis for K ■ L over Q. Thus every y e Ok l can be written in the form 

y = ~ a i fij - a U - r e ^> 

with -U- uniquely determined. After dividing out any common factors from top and bottom, 
no prime factor of r will divide all the a/y, and we then have to show that r\d. 

When we identify L with a subfield of C, every embedding a of K into C will extend 
uniquely to an embedding of K ■ L into C fixing the elements of L. To see this, write 
K = Q[a]; then K-L = L[a], and the hypothesis on the degrees implies that the minimum 
polynomial of a doesn't change when we pass from Q to L; there is therefore a unique 
L-homomorphism L[a] — »■ C sending a to aa. 

On applying such a a to the above equation, we obtain an equation 

°{Y) = Y J a f<y{<*i)Pj- 

ij 

Write Xj = J2j( a ij l r )fiji and let a\,a%, ...,ar m be the distinct embeddings of K into C. We 
obtain a system of m linear equations 

2_,cr k (ai)xi =ak(y), k = \,2,...,m, 

i 

and Cramer's rule tells us that 

Dxi = Di 

where D = det(o/(a/)) and Z),- is a similar determinant. According to (2.26), D 2 = A = 
disc (Ok /Z), and so 

A- Xi = DDi. 

By construction, both D and D, are algebraic integers, and so A ■ Xi is an algebraic integer. 
But Axi = ^2 ^y^-fij, and the fys form an integral basis for Oj_, and so — j*- S Z. Hence 
r\Aaij all and, because of our assumption on r and the a/ys, this implies that r|2\. 

Similarly, r\ disc(0/,/Z), and so r divides the greatest common divisor of disc(0^/Z) 
and disc (O^/Z). □ 

Remark 6.6 (a) Statement (c) of the theorem shows that if p divides n, then p ramifies 
unless (f(p r ) = 1. Since cp(p r ) = p' {p — 1), this happens only if p r = 2. Thus, if p 
divides n, then p ramifies in Q[£ n ] except when p = 2 and n = 2 • (odd number). 

(b) Let m be an integer > 1; then (p(mn) > f(n) except when n is odd and m = 2. 
Therefore /x(Q[£„]) is cyclic of order n (generated by £ n ) except when n is odd, in which 
case it is cyclic of order 2n (generated by — £ n ). 

(c) In the situation of the lemma, 

disc(£X/Q) = disc(^/Q) [L:Q] -disc(L/Q) [it:Q] , (15) 

provided = Oj^ ■ Ol . This can be proved by an elementary determinant calculation. 
Using this, one can show that, for t, n a primitive nth root of 1, 

disc(Q[f„]/Q) = (-ifW/VW/fl/W/^" 1 '. 
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The example 



Q[j,V5] = Q[j]-Q[V C 5] 



shows that the condition on the rings of integers is necessary for (15) to hold, because the 
extensions Q[i] and Q[V^5] have discriminants 4 and 20 respectively, but Q[i,*/5] has 
discriminant 4 2 5 2 = 4 2 20 2 /4 2 . 

Class numbers of cyclotomic fields 

Let £ be a primitive pth root of 1, p an odd prime. It is known that the class number of Q[£] 
grows quite rapidly with p, and that in fact the class number is 1 if and only if p < 19. 

Here is how to prove that Q[£] has class number > 1 when p — 23. The Galois group 
of Q[£] over Q is cyclic of order 22, and therefore has a unique subgroup of index 2. Hence 
Q[£] contains a unique quadratic extension K of Q. Since 23 is the only prime ramifying in 
Q[£], it must also be the only prime ramifying in K, and this implies that K = Q[V— 23]. 
One checks that (2) splits in Q[V— 23], say (2) = pq, that p is not principal, and that p 3 is 
principal. Let *p be a prime ideal of Z[£] lying over p. Then J\f?ft = pf , where / is the 
residue class degree. Since / divides [Q[£] : Q[V— 23]] = 11, we see that / = 1 or 11 (in 
fact, / = 11). In either case, pf is not principal, and this implies that *p is not principal, 
because the norm of a principal ideal is principal. 

Because of the connection to Fermat's last theorem, primes p such that p does not 
divide the class number of Q[£] are of particular interest. They are called regular. Kummer 
found a simple test for when a prime is regular: define the Bernoulli numbers B n by the 
formula 



then p is not regular if and only if p divides the numerator of some with k = 2, 4, ...,p — 
3. It has long been known that there are infinitely many irregular primes, but it is still not 
proved that there are infinitely many regular primes. It is expected that 61% of primes are 
regular and 39% are irregular. 

Units in cyclotomic fields 

Let £ be a primitive nth root of 1, n > 2. Define 



For example, if £ = e 27ti/n , then Q[£]+ = Q[cos ^]. Under any embedding of Q[£] into 
C, £ _1 maps to the complex conjugate of £, and therefore the image of Q[£] + is fixed under 
complex conjugation and hence lies in R. Thus, we see that Q[£] is a CM field with maximal 
totally real subfield Q[£] + . According to Proposition 5.12, the index of /x(Q[£]) • hi 
UQ\t] is 1 or 2. In fact, when n is a prime power, it must be 1. 

Proposition 6.7 Assume thatn is a prime power; then every unitu e Q[£] can be written 




n=0 



QK] + = QK + r 1 ]. 



u = £■ v 



with £ a root of unity and v a unit in Q[£] + . 
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PROOF. We prove this only for powers of odd primes (which is all we shall need in the next 
section). If the statement is false, then the homomorphism 

uH>u/u:U Q tf]^ pi/fi 2 , /x = /z(Q[£]), 

in the proof of Proposition (5.12) is surjective, and so there exists a unit u of Q[£] such that 
u = t,'u where £' is a root of 1 that is not a square. Recall (6.6b) that, because n is odd, 
ix = {±1} ■ {£), and so /x 2 = (£). Therefore £' = — £ WI for some integer m. Let 

u = a -\ l-a^M)-!^^ -1 , a.i eZ. 

Then w = «o H h «^(n)-l£ *> an d modulo the prime ideal p = (1 — £) = (1 — \) of 

M = Clo H h<3,p( n )_l = U. 

Thus 

u = —t, m u = —u mod p, 
and so 2u € p. This is a contradiction because p is prime, 2 ^ p, and u p. □ 

The first case of Fermat's last theorem for regular primes 

Kummer proved Fermat's last theorem for regular primes. Here we prove a weaker result, 
known as the first case of Fermat's last theorem. 

Theorem 6.8 Let p be an odd prime. If the class number of Q[£] is not divisible by p, 
then there does not exist an integer solution (x, y,z) to 

X p + Y p = Z p 

with p relatively prime to xyz. 

We show that existence of integers x,y,z with x p + y p = z p and p \ xyz leads to a 
contradiction. After removing any common factor, we may suppose that gcd(x,_y,z) = 1. 
We first treat the case p = 3. The only cubes modulo 9 are —1, 0, 1, and so 

x 3 + y 3 = -2,0, or 2 mod 9, 
z 3 = — 1 or 1 mod 9, 

which are contradictory. Similarly we may eliminate the case p = 5 by looking modulo 25. 
Henceforth we assume p > 5. 

If x = y = — z mod p, then —2z p = z p and p\3z, contradicting our hypotheses. Hence 
one of the congruences can't hold, and after rewriting the equation x p + (—z) p = (— y) p if 
necessary, we may assume that p\x — y. 

The roots of X p + 1 are — 1, — £, . . . , — and so 

* p+1 = n ; C V+r')- 

Hence 
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The idea of the proof is to exploit this factorization and what we know of the arithmetic of 
Q[£] to obtain a contradiction. 

Let p be the unique prime ideal of Z[£] dividing (/>); thus p = (1 — £ ! ) where i can be 
any integer such that 1 < i < p — 1 (see 6.2). 

Lemma 6.9 The elements x + y ofZ[^] are relatively prime in pairs. 

PROOF. We have to show that there does not exist a prime ideal q dividing x + y and 
x + £ J y fori ^ j . Suppose there does. Then q|((£' — t J )y) = py, and q\((^ —t, l )x) = px. 
By assumption, x and y are relatively prime, and therefore q = p. Thus x + y = x + ^ l y = 
mod p. Hence x + y e p (IZ = (p). But z p = x p + y p = x + y = mod p, and so p\z, 
which contradicts our hypotheses. □ 

Lemma 6.10 For every a € Z[£], a p e Z + pZtf]. 
Proof. Write 

a = flo + «i^H \-a p -2^ p ~ 2 , atsZ. 

Then 

a p = a p + af-\ \~ a p-2 m °d /?, 

which lies in Z. □ 

Lemma 6.11 Leta = ao + «i£H \-a p -\t, p ~ l withai sZ and at least one a i =0. If 

a is divisible by an integer n, i.e., if a e «Z[£], then each a,- is divisible by n. 

Proof. Since 1 + £ H h = 0, every subset of {1, with /?- 1 elements 

will be a Z-basis for Z[£]. The result is now obvious. □ 

We can now complete the proof of Theorem 6.8. Regard the equation 

Y\Zl {?c+ ^ iy) = {z)P 

as an equality of ideals in Z[£]. Since the factors on the left are relatively prime in pairs, 
each one must be the /?th power of an ideal, say 

+ = of 

for some ideal a,- in Z[£]. This equation implies that 0/ has order dividing p in the class 
group, but we are assuming that the class group of Z[£] is of order prime to p, and so a, 
itself is principal, say a, = (a, ). 

Take i = 1, and omit the subscript on u\. Then we have that x + = ua p for some 
unit u in Z[£]. We apply (6.7) to write u = t, r v where v = v. According to (6.10), there is 
an a e Z such that a p = a mod p. Therefore 

x + £_y = % r va p = t, r va mod p. 

Also 

x J r \y = t > ~ ]r va. p = t > ~ r va mod/?. 
On combining these statements, we find that 

r r (x + ^y) = ^ r (x + r l y) mod/?, 



104 



6. Cyclotomic Extensions; Fermat's Last Theorem. 



or 

x + ^y-^ 2r x-^ 2r ~ 1 y = mod p. (16) 

If £ _ ,£ are distinct, then, because p > 5, Lemma 6.11 implies that /? divides jc 
and y, which is contrary to our original assumption. The only remaining possibilities are: 

(a) 1 = £ 2r ; but then (16) says 

t,y — = mod p, 

and Lemma 6.11 implies p\y, which contradicts our original assumption. 

(b) 1 = ^ 2r ~ 1 ; then % = £ 2r , and (16) says 

(x — >>) — (jc — y)t, = mod/?, 

and Lemma 6. 1 1 implies that p\x — y, which contradicts the choice of x and _y made 
at the start of the proof. 

(c) £ = £ 2r_1 ; but then (16) says 

x — £ 2 x = mod />, 

and Lemma 6.11 implies that p\x, which contradicts our original assumption. 

This completes the proof. 

NOTES Everything in this section was known to Kummer, but in terms of "ideal numbers" rather 
than ideals. The methods of this section have not (so far) sufficed to prove Fermat's last theorem 
but, as the reader may already be aware, other methods have. 

Exercises 

6-1 Show that X 3 — 3X + 1 is an irreducible polynomial in Q[X] with three real roots. 
Let a be one of them, and let K = Q[a]. Compute disc(Z[a]/Z), and deduce that 

K DZ[a]D3 m O K 

for some m. Show that a and a + 2 are units in Z[a] and Ok, and that (a + l) 3 = 3a (a + 2). 
Deduce that (a + 1) is a prime ideal in Ok, and show that Ok = Z[a] + (a + \)Ok- Use 
this to show that Ok = Z[a]. Show that (2) is a prime ideal in Ok, and deduce that Ok is 
a principal ideal domain. 

6-2 Show that the ring of integers in Q[cos ^] is Z[2cos 
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In this section, we define the notion of an absolute value (or multiplicative valuation) and 
study the completions of number fields with respect to absolute values. 

Absolute Values 

An absolute value or (multiplicative) valuation 1 on a field K is a function x m> \x |: K — >■ K 
such that 

(a) | jc| > except that |0| = 0; 

(b) \ X y\ = \x\\y\ 

(c) \x + y\ < |x| + | y\ (triangle inequality). 

If the stronger condition 

(c') \x + y\ < max{|x|, |_y|} 
holds, then | | is called a nonarchimedean absolute value. 

Note that (a) and (b) imply that | | is a homomorphism K x — > M>o (multiplicative group 
of positive real numbers). Since M>o is torsion-free, | | maps all roots of unity in K x to 1. 
In particular, | — 1| = 1, and | — x\ = \x \ for all x. 

Example 7.1 (a) For any number field K, and embedding o: K C, we get an absolute 
value on K by putting \a\ = \aa\. 

(b) Let ord: K x —> Z be an (additive) discrete valuation, and let e be a real number with 
e > 1 ; then 

\a\ = (\/e) orA{a \ a^O, |0| = 

is a nonarchimedean absolute value on K. For example, for any prime number p, we have 
the p-adic absolute value \ \ p on Q : 

\a\ p = (l/e) ord " (fl) . 

Usually we normalize this by taking e = p; thus 

\a\ p = {\/p)°^ a) = l/p r if a = a -p r with ord p (a ) = 0. 

'Contrary to the assertions in mo45150, both terms are widely used. In fact, judging by the algebraic 
number theory books on my bookshelf, "valuation" is the more common, but I've decided to use "absolute 
value" to conform with Bourbaki. 
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Similarly, for any prime ideal p in a number field K, we have a normalized p-adic absolute 
value 

\a\ p = (l/Np) ord P (a) . 

(c) On any field we can define the trivial absolute value: \a\ = 1 for all a ^ 0. When 
K is finite, there is no other (because all nonzero elements of a finite field are roots of 1). 

Nonarchimedean absolute values 

Recall that this means that, instead of the triangle inequality, we have 

\x + y\ <max{|x|,|y|}. 

By induction, this condition implies that 

|Y>|<max{|xi|}. (17) 

Proposition 7.2 An absolute value \ \ is nonarchimedean if and only if it takes bounded 
values on {ml \ m e Z}. 

PROOF. If | | is nonarchimedean, then, for m > 0, 

\ m \\ = |1 + H h 1| < |1| = 1. 

As we noted above, | — 1| = |1|, and so | — ml\ = \m\\ < 1. 
Conversely, suppose \ml \ < N for all m. Then 

\ x +y\ n = I HO r y n ~ r I ^ E K")i \*\ r \y\ n ~ r - 

r 

Clearly |x| r |_y|" _r < max{|x|", = max{|x|, and (") is an integer, and so 

\x + y\ n < N(n + l)max{|x|,|j|}". 
On taking «th roots we find that 

\x + y\ < N 1/n (n + l) 1/n max{\x\,\y\}. 
When we let n oo, the terms involving n tend to 1 (to see this, take logs). □ 

Corollary 7.3 If char K ^ 0, then K has only nonarchimedean absolute values. 
Proof. In this case, the set {m ■ 1 | m e Z} is finite. □ 

Aside 7.4 Archimedes stated that for any two line segments, laying the shorter segment end-to-end 
a sufficient finite number of times will create a segment longer than the other. In other words, for 
any two nonzero positive real numbers a and b, there is an n e N such that b <na. The proposition 
shows that the nonarchimedean absolute values are exactly those that don't have this "archimedean 
property". 

As we noted above, a discrete (additive) valuation ord on K determines an absolute 
value by 

|x| = e-° rdW , 

any e > 1. Taking logs gives log e \x\ = — ord(x), or ord(x) = — log e \x\. This suggests how 
we might pass from multiplicative valuations to additive valuations. 



Equivalent absolute values 



107 



Proposition 7.5 Let \ \ be a nontrivial nonarchimedean absolute value, and put v{x) = 
— log \x | , x 7^ (log to base e for any real e > 1) . Then v:K x —>M. satisfies the following 
conditions: 

(a) v(xy) = v(x) + v(y)\ 

(b) v(x + y) > mm{v(x),v(y)}. 

If v(K x ) is discrete in M, then v is a multiple of a discrete valuation ord: K x -^Zct. 

PROOF. That v satisfies (a) and (b) is obvious. For the last statement, note that v(K x ) 
is a subgroup of E (under addition). If it is a discrete subgroup, then it is a lattice (by 
4.15), which means that v(K x ) = Zc for some c. Now ord = c _1 ■ v is an additive discrete 
valuation K x -» Z. □ 

We shall say | | is discrete when \K X \ is a discrete subgroup of M>o- Note that, even 
when \ K X | is discrete in R, \K\ usually won't be, because will be a limit point for the set 
\K X \. For example, \p n \ p = p~ n , which converges to as n — »• oo. 

Proposition 7.6 Let\ \ be a nonarchimedean absolute value. Then 

def 

A = {a e K \ \a\ < 1} is a subring of K, with 

def 

U = {a e K | \a \ — 1} as its group of units, and 

def 

m = {a e K \ \a\ < 1} as its unique maximal ideal. 
The absolute value \ \ is discrete if and only if m is principal, in which case A is a discrete 
valuation ring. 

PROOF. The first assertion is obvious. If | | is discrete, then A and m are the pair associated 
(as in 3.27) with the additive valuation — log | |, and so A is a discrete valuation ring and m 
is generated by any element jt e K x such that \n\ is the largest element of \K X \ less than 
one. Conversely, if m = (n), then |^ x | is the subgroup of M>o generated by 1 7T | . □ 

Remark 7.7 There do exist nondiscrete nonarchimedean absolute values. For example, 
let Q al be an algebraic closure of Q. We shall see later that the p-adic absolute value 
| \ P :Q — > M extends to Q al (in many different ways). Since Q al contains an element p 1 ^" 
for all n, we see that |Q alx | b {p~ l ) l l n = 1/ »/p for all n, and 1/ 'ifp 1 as n -> oo. In 
fact, one can show that |Q alx | = {p r \ r e Q}, which is not discrete in M>o- 

Equivalent absolute values 

Note that an absolute value | | defines a metric on K, with distance function 

d{a,b) = \a — b\, 

and hence a topology on K: for a e K, the sets 

U(a,s) = {x 6 K | \x — a\ < s}, s > 0, 

form a fundamental system of open neighbourhoods of a. A set is open if and only if it is a 
union of sets of the form U(a,e). 

For example, for the topology on Q defined by | \ p , a and b are close if their difference 
is divisible by a high power of p. In particular, the sequence 

l,p,p 2 ,...,p n ,... 
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converges to 0. 

The topology defined by the p-adic absolute value | | p is called the p-adic topology on 

K. 

Proposition 7 . 8 Let \ \ i , | I2 be absolute values on K, with \ \ \ nontrivial. The following 
conditions are equivalent: 

(a) I |i, I 1 2 define the same topology on K; 

(b) |a|i < 1 =>• |or| 2 < 1; 

(c) I b = I I" for some a > 0. 

Proof, (a) =>• (b): Since \a n \ — \a\", clearly a" -> if and only if |ot| < 1. Therefore (a) 
implies that 

|a|i < 1 <^=> |of I2 < 1- 
(b) =>■ (c): Because | |i is nontrivial, there exists a y e K such that \y \ > 1. Let 

a = log I ^ 1 2 / log I y 1 1 , 

so that 

logljh = a -log 

or 

\y\2 = \yft. 

Now let x be any nonzero element of K. There is a real number b such that 

Mi = IjIi- 

To prove (c), it suffices to prove that 

\xh = \y& 

because then 

\x\2 = \y\ b 2 = \y\f = W?. 

Let w/«, « > 0, be a rational number > b. Then 

— 

Mi = Mi < Mi" 

and so 

|x"/j m |Kl. 
From our assumption (b), this implies that 

\x"/y m h<i 

and so m 

M2<M 2 " 

This is true for all rational numbers ^ > b, and so 

M 2 <M|. 

A similar argument with rational numbers ™ < b shows that 

\x\ 2 >\y\ b 2 , 

and so we have equality, which completes the proof of (a). □ 

Two absolute values are said to be equivalent if they satisfy the conditions of the propo- 
sition. 
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Properties of discrete valuations 

We make some easy, but important, observations about discrete valuations. 

7.9 For an additive valuation, we are given that 

ord(<3 + b) > min{ord(a , ),ord(6)} 

and we checked (p56) that this implies that equality holds if ord(cz) ^ ord(&). For multi- 
plicative valuations, we are given that 

\a + b\ < max{|<3|, \b\}, 

and a similar argument shows that equality holds if \a\ ^ \b\. This has the following con- 
sequences. 

7.10 Recall that we define a metric on K by setting d(a,b) = \a — b\. I claim that if x is 
closer to b than it is to a, then d(a,x) = d(a,b). For we are given that 

\x — b\ < \x — a\, 

and this implies that 

\b — a\ = \b — x + x — a\ = \x — a\. 

7.11 Suppose 

fll +«2 H VO-n =0. 

Then an argument as on p65 shows that the maximum value of the summands must be 
attained for at least two values of the subscript. 

Complete list of absolute values for the rational numbers 

We now give a complete list of the absolute values on (Q) (up to equivalence). We write | \ 00 
for the absolute value on Q defined by the usual absolute value on M, and we say that | |oo 
is normalized. 

Theorem 7.12 (Ostrowski) Let \\bea nontrivial absolute value on Q. 

(a) If | | is archimedean, then \ \ is equivalent to \ |oo. 

(b) If | | is nonarchimedean, then it is equivalent to \ \ p for exactly one prime p. 
PROOF. Let m,n be integers > 1. Then we can write 

m = «o + ciin H \-a r n r 

with the a,- integers, < a,- < n, n r < m. Let N = max{l, |«|}. By the triangle inequality, 

\m\ < y^|a z -||n|' < y^ i \aj\N r , 

We know 

r < log(m)/log(«), 
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(log relative to some e > 1) and the triangle inequality shows that 

\®i I < 1 1 H 1- 1 1 = a-i 1 1 1 =ai <n. 

On putting these into the first inequality, we find that 

(logW7\ \ogm 
1 + — — )nN l0 s« . 
logM J 

In this inequality, replace m with m f (t an integer), and take tth roots: 

I 

?logm\ < i i°g m 

H — n~tN^ n . 

log« / 

Now let r -> oo. The terms involving t tend to 1, and so 

logm 

| m | < jVT°s"\ (*) 

Case (i): For all integers n > 1, \n\ > 1. 
In this case N = |n|, and (*) yields: 

| m |l/l0g#W < | n |l/l0g«_ 

By symmetry, we must have equality, and so there is an c > 1 such that 

c = |m| 1/logm = |«| 1/logn 

for all integers w , n > 1 . Hence 

\n\ = c logn = e l0 § cl °g" = n lo § c , all integers n > 1. 
Let a = logc, and rewrite this 

\n\ = l^l^j, all integers n > 1, 

where | |oo is the usual absolute value on Q. Since both | | and | 1^ are homomorphisms 
Q x -> M>o, the fact that they agree on a set of generators for the group Q x (the primes and 
— 1) implies that they agree on all of Q x . 
Case (ii): For some n > 1, \n \ < 1. 

In this case, N = 1, and (*) implies |m| < 1 for all integers m. Therefore the absolute 
value is nonarchimedean. Let A be the associated local ring and m its maximal ideal. From 
the definition of A, we know that Z C A. Then m n Z is a prime ideal in Z (because m is 
a prime ideal), and it is nonzero for otherwise the absolute value would be trivial. Hence 
m fl Z = (p) for some p. This implies that \m\ = 1 if m is an integer not divisible by p, 
and so \np r \ = \p\ r if n is a rational number whose numerator and denominator are not 
divisible by p. If a is such that \p\ = (1/ p) a ; then |x| = \x\p for all xeQ. □ 

Theorem 7.13 (Product Formula) Forp = 2, 3, 5, 7, ...,oo, Jet | |^ be the correspond- 
ing normalized absolute value on Q. For any nonzero rational number a 

Y\ \ a \p = 1 (product over all p including oo). 



\m\ < 
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Proof. Let a = a/b, a,b e Z. Then \a\ p = 1 unless p\a or p\b. Therefore \a\ v = 1 for 
all but finite many vs, and so the product is really finite. 

Let n(a) = Yi\ a \v- Then n is a homomorphism Q x — > M x , and so it suffices to show 
that Tt{— 1) = 1 and n(p) = 1 for each prime number p. The first is obvious, because 
| — 1 1 = 1 for all absolute values | | . For the second, note that 

\p\p = l/P< \p\q = l, gaprime^/?, \p\ 00 = p. 
The product of these numbers is 1 . □ 

The primes of a number field 

Let K be an algebraic number field. An equivalence class of absolute values on K is called 
a prime or place of K. 

THEOREM 7.14 Let K be an algebraic number field. There exists exactly one prime of K 

(a) for each prime ideal p; 

(b) for each real embedding; 

(c) for each conjugate pair of complex embeddings. 

Proof. See Chapter 8. □ 

In each equivalence class of absolute values of K we select a normalized absolute value 2 
as follows: 

for a prime ideal p of O k , M p = (l/Np) ord e (a) = (O p : (a)r 1 ; 

for a real embedding o: K M, \a\ = \oa\; 

for a nonreal complex embedding a: K <-*■ C, \a\ = \aa\ 2 . 
Note that this last is not actually a absolute value, because it doesn't satisfy the triangle law. 
There are various ways of getting around this problem the best of which is simply to ignore 
it. 

Notations 

We generally write v for a prime. If it corresponds to a prime ideal p of Ok, then we 
call it a finite prime, and we write p v for the ideal. If it corresponds to a (real or nonreal) 
embedding of K, then we call it an infinite (real or complex) prime. We write | 1^ for an 
absolute value in the equivalence class. If L D K and w and v are primes of L and K such 
that | \ w restricted to K is equivalent to | 1^, then we say that w divides v, or w lies over 
v, and we write w\v. For a finite prime, this means ^ w n Ok = Pv or, equivalently, that 
ty w divides • Ol- For an infinite prime, it means that w corresponds to an embedding 
a:LnC that extends the embedding corresponding to v (or its complex conjugate). 

Theorem 7.15 (Product Formula) For each prime v, let \ \ v be the normalized ab- 
solute value. For every nonzero a e K, 

J - J \a\ v = 1 (product over all primes of K). 

2 These are the most natural definitions for which the product formula hold. Alternatively, let K v be the 
completion of K with respect to the absolute value v, and let /ibea Haar measure on (K v ,+) — it is uniquely 

def 

determined up to a nonzero constant. For any nonzero a € K v , fj, a (U) = [i (aU) is also a Haar measure on 
(K v , +), and so [i a = c(a)/i for some constant c(a). In fact, c(a) = \a\, the normalized absolute value of a. 
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PROOF. The product formula for a general number field follows from the product formula 
for Q and the next result. □ 

Lemma 7.16 Let L be a finite extension of a number field K. 

(a) Each prime on K extends to a finite number of primes of L. 

(b) For every prime v of K and a e L x , 



Proof. See Chapter 8. □ 

Remark 7.17 The product formula is true in two other important situations. 

(a) Let AT be a finite extension of k{T) where k is a finite field. According to (7.3), 
the absolute values of K are all discrete, and hence correspond to discrete valuation rings 
in K. As in the number field case, we can normalize an absolute value by setting \a\ v = 
(1 /pju) ord «( a ) where Nw is the number of elements in the residue field of the discrete valua- 
tion ring and ord v .K x -» Z. Then Y\ v \a\v = 1- The proof of this is easy when K = k(T), 
and the general case is obtained by means of a result like (7. 16). 

(b) Let K be a finite extension of k(T) where k is an algebraically closed field. In 
this case we look only at primes that are trivial when restricted to k. All such primes are 
nonarchimedean, and hence correspond to discrete valuations ord„: K x -» Z. Fix an e > 1, 
and define \a\ v = (l/e) ordv ^ for every v. Then f\ \a\ v = 1 for all a e K x . This of course 
is equivalent to the statement 



For example, let X be a compact Riemann surface, and let K be the field of meromorphic 
functions on X. For each point P of X we have a discrete valuation, defined by ordp ( /") = 
m or — m according as / has a zero or pole of order m at P. The valuations ordp are 
precisely the valuations on K trivial on C C K, and so the product formula for K is simply 
the statement that / has as many zeros as poles. 

The proof of this runs as follows: the Cauchy integral formula implies that if / is a 
nonconstant meromorphic function on an open set U in C, and r is the oriented boundary 
of a compact set C contained in U, then 



where Z is the number of zeros of / in C and P is the number of poles of /, both counted 
with multiplicities. This formula also holds for compact subsets of manifolds. If the man- 
ifold M is itself compact, then we can take C = M , which has no boundary, and so the 
formula becomes 



\\\a\ w = \Nm L/K a\ v . 



w\v 





Z-P = 



0. 



i.e., 



^ord/>(/) = 0, PeM. 
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The weak approximation theorem 

Recall that an absolute value on a field K is homomorphism a i->- \a\ : K x — >• M>o such 
that \a + b\ < \a\ + \b\ for all a,b e K x .We extend it to AT by setting |0| = 0. An absolute 
value is trivial if |a| = 1 for all a ^ 0. Two nontrivial absolute values | ■ |i and | ■ I2 are 
equivalent if \a\\ < 1 implies \c1\2 < 1, in which case | ■ | 2 = | ■ |^ for some r e M>o (see 
7.8). The statements in this section continue to hold if we replace "absolute value" with 
"positive power of a absolute value" (which, in the archimedean case, may fail to satisfy 
the triangle rule). 

LEMMA7.18 -Ef I'll > I " I2 5 ••• > I " In are nontrivial inequivalent absolute values of K , then 
there is an element a e K such that 

Mi > 1 

|a|j < 1, i 7^ 1. 

PROOF. First let n = 2. Because | |i and | I2 are inequivalent, there are elements b and c 
such that 

' \b\\ < 1, \b\ 2 > 1 
|c 1 1 > 1, |c| 2 < 1. 

Now a = I has the required properties. 

We proceed by induction assuming that the lemma is true for n — 1 absolute values. 
There exist elements b, c such that 

j \b\i > 1, H < 1, i =2,3,...,n-l 

( |c|i > 1, \c\ n < 1 

If \b\ n < 1, then a = b works. If \b\ n = 1, then a = cb r works for sufficiently large r. If 
\b\ n > 1, then a = j^f works for sufficiently large r, because converges to or 1 
according as \b\ < 1 or \b\ > 1. □ 

Lemma 7.19 In the situation of the last lemma, there exists an element of K that is close 
to 1 for I ■ 1 1 and close to for \ ■ |, , i =2,...n. 

PROOF. Choose a as in (7.18), and consider a r = 1 ° flr . Then 

1 1 
\l+a r \i \a\\ — l 



as r — >• 00. For j > 2, 



|a|, |a|- 



|l+a|[ " l-|a|r 



as r 00. 



Theorem 7.20 Let | • |i , | • I2 , ... , | • |« be nontrivial inequivalent absolute values of a 
field K, and let a 1 , . . . , o n be elements of K . For every s > 0, there is an element ci E K 
such that \a — a.i\i < e for all i . 

PROOF. Choose bj, i = 1 , . . . , n, close to 1 for | |, and close to for | \j , j ^ i. Then 

a = a\b\ H \-a„b„ 



works. 



□ 
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Let Kj be the completion of K for | • |,\ The statement of the theorem also holds with 
at in Ki (rather than K) — choose a\^K very close to a,- and a e K very close to each a-. 
Thus A" (embedded diagonally) is dense in \\ Kj . 

The theorem shows that there can be no finite product formula. More precisely: 

Corollary 7.21 Let | • |i, | • I2. ••• > I • In be nontrivial inequivalent absolute values on a 
field K. If 

\a\\ l ---\a\ r „" = 1, r;6l, 
for all a e K x , then rj = for all i . 

PROOF. If any r, ^ 0, an a for which \a\j is sufficiently large and the \a\j, j ^ i, are 
sufficiently small provides a contradiction. □ 

The reader should compare the Weak Approximation Theorem with what the Chinese 
Remainder Theorem gives (see Exercise 7-1). 

NOTES The Weak Approximation Theorem first occurs in Artin and Whaples 1945. 3 See also Artin 
1959, Our account follows the original. 

Completions 

Let K be a field with a nontrivial absolute value. A sequence (a n ) of elements in K is called 
a Cauchy sequence if, for every e > 0, there is an N such that 

\cin — a m \ < e, all m,n > N. 

The field K is said to be complete if every Cauchy sequence has a limit in K. (The limit is 
necessarily unique.) 

Example 7.22 Consider the sequence in Z 

4,34,334,3334,.... 

As 

\am-a n \ 5 = 5~ n (m>n), 
this is a Cauchy sequence for the 5-adic topology on Q. Note that 

3-4= 12, 3-34= 102, 3-334= 1002, 3-3334= 10002,... 

and so 3 -a„ — 2 as n -> 00. Thus lim n ^ooa„ = 2/3 € Q. 

There is a similar notion of Cauchy series. For example, every series of the form 
a-„p~ n -\ \-a + aip-\ \-a m p m -\ — , 0<at<p, 

is a Cauchy series in Q for the />-adic topology. 

3 Axiomatic characterization of fields by the product formula for valuations, Bull. AMS, 51, 1945, pp. 
469-492. 
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THEOREM 7.23 Let K be a field with an absolute value \ \. Then there exists a complete 
valued field (K, | |) and a homomorphism K —>■ K preserving the absolute value that is 
universal in the following sense: every homomorphism K — > L from K into a complete 
valued field (L, | |) preserving the absolute value, extends uniquely to a homomorphism 
K->L. 

Proof (Sketch) Every point of K will be the limit of a sequence of points in K, and the 
sequence will be Cauchy. Two Cauchy sequences will converge to the same point in K if 
and only if they are equivalent in the sense that 

lim \a n — b„\ = 0. 

n— too 

This suggests defining K to be the set of equivalence classes of Cauchy sequences in K. 
Define addition and multiplication of Cauchy sequences in the obvious way, and verify 
that A' is a field. There is a canonical map K -> K sending a to the constant Cauchy 
sequence a, a, a,..., which we use to identify K with a subfield of K. We can extend a 
homomorphism from K into a second complete valued field L to K by mapping the limit 
of a Cauchy sequence in K to its limit in L. □ 

Remark 7.24 (a) As usual, the pair (K — >• K, | |) is uniquely determined up to a unique 
isomorphism by the universal property (cf. GT 2.4). 

(b) The image of K in K is dense because the closure K of K in K is complete, and 
(K — > K, | |) has the same universal property as (K — > K, \ |). 

For a prime v of K, we write K v for the completion of K with respect to v. When 
v corresponds to a prime ideal p, we write K v for the completion, and O p for the ring of 
integers in K p . For example, Q p is the completion of Q with respect to the p-adic absolute 
value | \ p . We write Z p (not Z p ) for the ring of integers in Q p (the ring of /?-adic integers). 

Completions in the nonarchimedean case 

Let | | be a discrete nonarchimedean absolute value on K, and let n be an element of K 
with largest value < 1 (therefore n generates the maximal ideal m in the valuation ring A). 
Such a n is called a local uniformizing parameter. 
The set of values is 

\K\ = {c m \ meZ}U{0}, c = \n\. 

Let a € K x , and let a n be a sequence in K converging to a. Then \a n \ — >• \a\ (because | | 
is a continuous map), and so \a \ is a limit point for the set |_^ x |. But |^ x | is closed (being 
discrete), and so \a\ e \K*\. Thus \K\ = \K\, and so | | is a discrete absolute value on K 
also. Let ord: K x -» Z be a normalized discrete additive valuation corresponding to | | ; then 
ord extends to a normalized discrete valuation on K. 

Note that if a n a ^ 0, then \a n \ \a \ ^ 0, and (because |_^ x | is discrete), \a„ \ = \a\ 
for all n large enough. 

The ring associated with | | in K is 

A = {a€ K\\a\< 1}. 
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Clearly A is the set of limits of Cauchy sequences in A, and it is therefore the closure of A 
in K. The maximal ideal in A is 

rh = {a e K \ \a\ < 1}. 

Again it is the set of limits of Cauchy sequences in m, and so it is the closure of m. Similarly, 
m" is the closure of m". Let tt be an element with ord(?r) = 1; then n generates m in A 
and rh in A. 

Lemma 7.25 For every n e N, the map A /m" — > A /rh" is an isomorphism. 
Proof. Note that 

m" = {a e A \ \a\ < \n\ n } = {a e A \ \a\ < M" -1 } 

is both open and closed in A. Because it is closed, the map is injective; because rh" is open, 
the map is surjective. □ 

Proposition 7.26 Choose a set S of representatives for A/m, and let n generate m. The 
series 

a- n n~ n H h ao + a\it H \-a m n m -\ — , a, e S 

is a Cauchy series, and every Cauchy series is equivalent to exactly one of this form. Thus 
each element of K has a unique representative of this form. 

Proof. Let = D^-^a^' - Then 

\sm-sn\ < M M+1 ,if M < N, 

which shows that the sequence sm is Cauchy. Let a e K. Because \K\ = \K\, we can 
write a = n"ao with ao a unit in A. From the definition of S, we see that there exists an 
ao e S such that ao — ao e m. Now a °~ a ° e A, and so there exists an a\ e S such that 
a °~ a ° - fli em. Now there exists an a 2 such that a °~ a ^T ai?r - a 2 e rh, etc. In the limit, 

ao = ao + ain-\ — , a = n n ao. 

Note that 

IX>i*'l = \n m \ 

if a m is the first nonzero coefficient. Therefore J2 a i n ' = (if anc on ly if a i 
This proves the uniqueness. 



= for all i. 

□ 



Thus, for example, every equivalence class of Cauchy sequences in Q for | \ p has a 
unique representative of the form 

a- n p~ n -\ hflo + a\p + a 2 p 2 H — , 0<at<p. 

Note that the partial sums of such a series are rational numbers. It is as easy to work with 
such series as with decimal expansions of real numbers — just remember high powers of p 
are small, and hence the first to be ignored. 
We explain this in more detail. The maps 

Z/(p n )^Z (p) /(p n )^Z p /(p n ) 
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are both bijective (see 3.10 for the first map). Let a € Z p . Because the map is bijective, for 
all n, there is an a n e Z such that a = a n mod p n . Note that, if n < m, a n = a m mod p n , 
which implies that (a n ) is a Cauchy sequence. Let 

a„=c + cip-\ Yc n -\p n ~ x mod /A 0<c,-</? — 1; 

then 



;>0 

Conversely, if a = ^,Cip l , < Cj < p— 1, thenco,Ci, . . . is the unique sequence of integers, 
< Ci < p — 1 , such that 

n-l 

a - \cip i mod 
/=o 

If a e but not Z p , then /) m 0! e Z p for a sufficiently large m, and the above arguments 
can be applied to it. 

The following examples illustrate how to work with p-adic numbers. 

Example 7.27 InQ 2 , 

\+2 + --- + 2 n + ■■■ 

converges to — 1 , because the sum of the first n terms is 

2" - 1 

- = 2 n _ l 



2-1 

which converges to — 1 . 

Example 7.28 I claim that —1 is a square in Q5. We have to find a series 
ao + ai5 + «25 2 H , at = 0, 1,2,3, or 4 

such that 

(a + a 1 5 + a 2 5 2 + ...) 2 + 1 = 0. 



We first need that 



a\ + 1 = mod 5. 



Thus we must take ao = 2 or 3; we choose 2 (choosing 3 would lead to the other root). 
Next we need 



and so we want 



(2 + «i5) 2 + l = 0mod 5 2 , 



5 + 20fli =0(mod 5 2 ). 



We must take a\ = \. Suppose we have found 



such that 



c n = ao + ai5 + fl25 2 H \-a n 5 n 



c 2 + l = 0(mod 5" +1 ), 
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and consider c n + a„+i5" +1 . We want 

(c„+a n+l 5 n+l ) 2 + l = 0(mod 5 n+2 ), 

for which we need that 

.2 



or that 
or that 
or that 



c^+\ + 2c n a n+l 5 n+l =0(mod5" +2 ), 
2c n a n+ i5 n+1 = (-1-c 2 ) (mod 5"+ 2 ), 
2c„a n +i = (-l-c 2 )/5" +1 (mod 5), 



4a„+i = (-l-c 2 )/5" +1 (mod 5). 



Since 4 is invertible modulo 5, we can always achieve this. Hence we obtain a series 
converging to — 1 . In fact, 



rr l = Iyr^ = l y°° 



Example 7.29 We study the convergence of the power series 

x 2 x n 

exp(x) = l+x + — H 1 H 

2! «! 

inQp. Write 

n = ao + a\p-\ \-a r p r , 0<cij<p— 1. 

Then 

ordp («!) 

where here [a] denotes the floor of a (largest integer less than a), and 
' n 



' n ' 




" n 






" n 




+ 




+ ■ 


■ + 




.P. 










VP". 



ai+ a 2 p + a-iP 2 H Va r p r 1 



a 2 +a 3 p H Ya r p 



r-2 



On summing these equalities, we find that 

P 



ord p («!) = ao 



1 /-l 



/>-l 

p-\ 



+ Cl\ 



+ 02'- 



p-l p-l 



1 P 

H Va r 



p-l 



Therefore 



01 ^(^)="( or ^W-^T) + ^t- 



As ^trf < iog(p) ' we see tnat — ^ if and only if ord(x) > ^zj. Therefore (see Exercise 
7-2), the series exp(x) converges for ord(x) > jzj- 
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There is a leisurely, and very detailed, discussion of Q p in the first chapter of Koblitz 
1977 4 . 

Aside 7.30 Those who have taken a course in commutative algebra will know another method of 
completing a local ring R, namely 

R' = limi^/m" = {(a n ) \ a n e R/m", a n+ i = a n mod m"}. 

In the case that R is a discrete valuation ring, this definition agrees with the above. There is an 
injective homomorphism 

R—^-R', a\-^-(a„), a n = a mod n n . 

We can define a homomorphism R' — > R as follows: let (a„ ) e R', and choose a representative a' n 
for a n in R; then (a' n ) is an Cauchy sequence whose equivalence class is independent of the choices 
of the a' n , and we can map (a n ) to (a' n ). It is easy to see that the map R' R is surjective, and it 
follows that it is an isomorphism. 

Newton's lemma 

The argument in the above example works much more generally. Let / (X) = X 2 + 1. Then 
all we in fact used was that / (X) has a simple root modulo 5. 

In the rest of this subsection, A is a complete discrete valuation ring and n generates its 
maximal ideal (unless we say otherwise). 

Proposition 7.31 Let f(X) e A[X], and Jeta be a simple root of f(X) mod n. Then 
there is a unique root a of f (X) with a = ao mod n. 

PROOF. Suppose we have found a n = ao mod n such that 

f(a n ) = mod7T n+1 . 
Let a n +i = a n + hn n+1 , h e A. We want 

f(a„ + hn n+1 ) = mod Jt n+2 . 
Recall (trivial Taylor's expansion) that, for any polynomial /, 

f{c + t) = f(c) + t-f'(c) + - 
where f'(X) is the formal derivative of f(X). Then 

f(a„ + hjz n+l ) = f(a n ) + hn n+1 ■ f'{a n ) + ■■■, 
which we want = mod n n+2 . Hence we must take h so that 

« = -^+T •/(««) modTT. 
This is possible because n n+l \f {a n ) and 

f'{a n ) = f'(a ) modTT, 

which is nonzero, and hence invertible, mod n. □ 

4 Koblitz, Neal. p-adic numbers, /)-adic analysis, and zeta-functions. Graduate Texts in Mathematics, Vol. 
58. Springer- Veiiag, New York-Heidelberg, 1977. 
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There is a more general form of the proposition. Recall Newton's approximation 5 
method for finding a solution to / (x) = 0, where / is a function of a real variable. Starting 
from an ao such that f(ao) is small, define a sequence a\,ci2. • •■ by putting 

a n +i =a„- f(a n )/f'(a n ). 

Often a n converges to a root of / (x). In the above proof, this is what we did, but the same 
argument can be made to work more generally. 

Theorem 7.32 (Newton's lemma) Let f(X) e A[X]. Leta e A satisfy 

|/> )|<|/>o)| 2 . 
Then there is a root a of f(X) such that 

/(ao) 



\a — ao\ 



f'{a ) 2 

Proof. Define a sequence uq , a\ , . . . by setting 



f(a n ) 
/'(««) 



and prove that it is a Cauchy sequence converging to a root of f(X). See, for example, 
Milne 2006, 2.12. □ 



There may be more than one root a of f(X) satisfying the condition in (7.32). In the 
2-adic integers, let 

f(X) = X 2 - 8X + 12 = (X - 2)(X - 6), 

so/'(X) = 2X-8. Let a = 10, giving f(a ) = 32, f'(a ) = 12. Thus, \f(a )/f'(a ) 2 \ = 
1/2, and so ao satisfies the first condition. But now |2 — ao\ = 1/8 and |6 — «o| = 1/4 are 
both less than 1/2, and so both roots are within the given radius of ao. 

Proposition 7.31 shows that a simple factor of degree 1 of / (X) mod n lifts to a factor 
of f(X). This generalizes. 

Theorem 7.33 (Hensel's lemma) Let k be the residue field of A; for f(X) e A[X], 
write f (X) for the image of f in k[X]. Consider a monic polynomial f(X) e ^4[^]- If 
f (X) factors as f = go^o with go and ho monic and relatively prime (in k[X]), then f 
itself factors as f = gh with g and h monic and such that g = go and h = ho- Moreover, 
g and h are uniquely determined, and (g,h) = A[X]. 

We first prove that (g,h) = A[X] (such a pair is said to be strictly coprime; in k[X] 
strictly coprime just means coprime, i.e., relatively prime). 

Lemma 7.34 Let A be a local ring with residue field k. If f,g e A[X] are such that f 
and g are relatively prime and f is monic, then ( f, g) = A[X]. More precisely, there exist 
u,v e A[X] with degw < degg anddegv < deg / such that 

uf + vg = l. (18) 

5 When Newton found his interpolation formula in 1670, ancient Chinese mathematicians had been using 
the formula in more sophisticated forms for more than one millennium. He, Ji-Huan, Appl. Math. Comput. 
152 (2004), no. 2, 367-371. 
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PROOF. Let M = A[X]/(f,g). As / is monic, this is a finitely generated ^-module. As 
(f,g) =k[X], we have that (f,g) + m^[X] = A[X] and so mM = M. Now Nakayama's 
Lemma (1.9) implies that M = 0. 

This shows that there exist u,v e A[X] such that (18) holds. If degv > deg/, write 
v = fq + r with deg r < deg /. Then 

(u+qg)f + rg= 1, 

and u+qg automatically has degree < degg. □ 

We next prove uniqueness of g and h. 

Lemma 7.35 Let A be a local ring with residue field k. Suppose f = gh = g'h' with 
g,h,g',h' all monic, and g = g' , h = h! with g and h relatively prime. Then g = g' and 
h = h'. 

PROOF. From the preceding lemma we know that (g,h') = A[X], and so there exist r,s e 
A[X] such that gr + h's = 1. Now 

g' = g'gr + g'h's = g'gr + ghs, 
and so g divides g' . As both are monic and have the same degree, they must be equal. □ 

Finally, we prove the existence of g and h. We are given that there exist monic polyno- 
mials go, ho e A[X] such that 

f-goho €7t-A[X]. 

Suppose we have constructed monic polynomials g n , h n such that 

/- ? A=0mod 7T n+1 A[X] 

and g n = go, h n = ho mod 7T^4[X]. We want to find u, v e A[X] with degu < deggo and 
degi; < deg/zo such that 

/ - (g n + 7i n + l u)(h n + 7T n + 1 v) = mod Ji n+2 A[X], 

i.e., such that 

(/ - gnhn) ~ 7Z n+ \uh n + g n v) = mod 7i n+2 A[X]. 

Thus we are looking for polynomials u, v in A[X] with degw < deg go and deg v < deg/jo 
such that 

uh n +g„v - (f -g n h n )/n n+1 mod 7tA[X], 

Because go and ho are monic and relatively prime, Lemma 7.34 shows that such polyno- 
mials exist. 

Remark 7.36 An induction argument extends the theorem to show that a factorization of 
/ into a product of relatively prime polynomials in k[X] lifts to a factorization in A[X]. 
For example, in F^LY], X p — X splits into p distinct factors, and so it also splits in Z P [X]. 
Hence Z p contains the (p — l)st roots of 1. More generally, if K has a residue field k with 
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q elements, then K contains q roots of the polynomial X q — X. Let S be the set of these 
roots. Then 

a \-> a: S k, 

is a bijection preserving multiplication (but not, of course, addition) - the elements of S are 
called the Teichmiiller representatives for the elements of the residue field. 

Remark 7.37 Theorems 7.32 and 7.33 are both stronger versions of 7.31. There is in fact 
a stronger version of 7.32. For a polynomial h = a X 1 , define 

\\h\\ - max|cj|. 

Let 

f(X) = a n X n +a n - 1 X n - 1 +--- + a eA[X] 

have \a„ \ = 1 (i.e., a n is a unit). Let go(X) and ho(X) be polynomials in A[X] with degrees 
r and s respectively, and suppose that 

||/(X)-goWo(X)|| < |Resfe (*),fto(*))l 2 

where Res denotes the resultant. Then / (X) factors in A[X] as the product of a polynomial 
of degree r and a polynomial of degree s. The proof follows the same general lines as the 
above proofs. In fact, the hypothesis can be replaced by 

||/(Z)-go(Z)/j (X)||<|disc(/)|. 

(For this, see Cassels 1986, pl07.) 

Note that, this gives an algorithm for factoring polynomials in Q^[X] (for example). 
Given f(X), compute disc(/). If this is zero, then / and /' have a common factor, 
which we can find by the Euclidean algorithm. Otherwise ord(disc(/)) = m for some m, 
and it is enough to consider factorizations of / into polynomials with coefficients in the 
finite ring Z/ p mr L. Apparently the fastest algorithms for factoring polynomials in 7L\X\ 
begin by factoring in r L p \X\ for an appropriate prime p — computers seem to have no 
problem handling polynomials of degree 200. (But Exercise 7-6 shows that there exist 
irreducible polynomials in Z[X] of arbitrarily large degree that factor in all the rings 7L P \X\ 
into polynomials of low degree.) 

Extensions of nonarchimedean absolute values 

We explain how to extend a absolute value to a larger field. 

Theorem 7.38 Let K be complete with respect to a discrete absolute value \ \k, and let 
L be a finite separable extension of K of degree n. Then \ \k extends uniquely to a discrete 
absolute value \ |^ on L, and L is complete for the extended absolute value. For all e L, 

l^lL = |Nm L/JCi 8|i /B . 

PROOF. Let A be the discrete valuation ring in K, and let B be its integral closure in L. 
Let p be the maximal ideal of A. We know from (3.29) that B is a Dedekind domain, and 
the absolute values of L extending | | p correspond to the ideals of B lying over p. 
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Suppose that there are distinct prime ideals *Px an d in B dividing p. There will be 
a B e B such that *Pi n A[B] ^ <£ 2 H for example, choose |5efi such that ft e 
j8 £ qp 2 - Let /(X) be the minimum polynomial of B over A", so that A[B] ~ 4[Z]/(/(_Z)). 
Because /(X) is irreducible in and A is complete, Hensel's lemma shows that / (X) 
(image of / (X) in k[X], k = A/p) must be a power of an irreducible polynomial. Then 

A[p]/pA[B]™k[X]/(f(X)) 

is a local ring, which contradicts the fact that A[fi] has two prime ideals containing p. 

Hence | | p extends uniquely to an absolute value | \l on L. Similarly, | | p also extends 
uniquely to an absolute value | \l> on a Galois closure V of L. 

For each a e Gal(L/ K), consider the map L C, /3 i-> This is again a absolute 

value on L, and so the uniqueness implies that \/3\l = \ofi\L'- Now 

\Km{fi)\R = \X\°P\u = ml 

which implies the formula. 

Finally, we have to show that L is complete. Let e\,...,e n be a basis for B as an 
^4-module, and let (a(m)) be a Cauchy sequence in L. Write a(m) = a\{m)e\ + ■■■ + 
a n (m)e n , with di(m) e ^. For each /, ai(m) is a Cauchy sequence, and if a,- denotes its 

def 

limit, then a — a\e\ H h a n e„ is the limit of the sequence a(m). □ 

Remark 7.39 It is obvious from the criterion (7.2) that a nonarchimedean absolute value 
can only extend to a nonarchimedean absolute value. It is possible to prove (7.38) without 
assuming that the absolute value | | on AT is discrete or even nonarchimedean, but the proof 
is then completely different, and much longer — we shall in fact need this in the Chapter 
8, and so I should have included it. The formula \/3\l = |Nm^/^ PIk" shows that | \l is 
discrete if and only if | |^ is discrete. 

Corollary 7.40 Let K be as in the theorem, and let Q be a (possibly infinite) separable 
algebraic extension of K. Then \ \k extends in a unique way to an absolute value \ \& on 
Q. 

PROOF. The theorem shows that | \k extends in a unique way to every finite subextension 
of Q, and hence it extends uniquely to Q. □ 

Remark 7.41 In the last corollary, the extended absolute value is still nonarchimedean, 
but it need not be discrete, and Q need not be complete. However, the completion of Q is 
again algebraically closed. 

For example as we noted in (7.6), the absolute value on the algebraic closure Q^ 1 of 
Q p is not discrete, and Exercise 7-7 shows that Q^ 1 is not complete. The completion of 
Q^ 1 is often denoted C p because it plays the same role for the jc-adic absolute value on Q 
that C plays for the real absolute value. (In fact C p rs C as abstract fields because they are 
both algebraically closed, and they both have a transcendence basis with cardinality equal 
to that of M. The isomorphism is as far from being canonical as it is possible to get — its 
construction requires the axiom of choice.) 

Corollary 7.42 Let K and L be as in the theorem; then n = ef where n = [L : K], e 
is the ramification index, and f is the degree of the residue field extension. 
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PROOF. We know from (3.34) that n = ^ e / fi- I n trns case, there is only one prime divid- 
ing p and so the formula becomes n = ef. □ 

When e = n, so that pB = we say that L is totally ramified over K; when / = n, 
we say that L is unramified over K. 

Note that the valuation ring B of L is the integral closure of the valuation ring A of K. 

Many of the results proved above for complete discrete valuation rings hold also for 
Henselian local rings (see §4 of my notes Lectures on Etale Cohomology). 

Remark 7.43 Let K be complete with respect to a discrete valuation, and let L be a finite 
extension of K. Let and p be the maximal ideals in the rings of integers A and B of 
K and L. Then pB = ty 6 where e is the ramification index. Let n and Yl be generators 
of p and *p. The normalized valuations ord^ and ord^ on K and L are characterized by 
equations: 

ordjtOr) = l, ord L (/7)=l. 
Note that n = I7 e x unit, and so 

ordfc = e~ l ord^ . 
If we denote the extension of ord^ to L by ord, then 

ord(L x ) = e~ lr L. 
This characterizes the ramification index. 

Newton's polygon 

Let K be complete with respect to a discrete absolute value. Let ord be the correspond- 
ing additive valuation ord: K x -» Z, and extend ord to a valuation ord: K alx ->• Q. For a 
polynomial 

f(X) = X n + a 1 X n - 1 + --- + ci„, a t eK, 
define the Newton polygon 6 7 of f(X) to be the lower convex hull of the set of points 

P, = (/,ord(fl,)), i = 0, 

In more detail, rotate the negative _y-axis counter-clockwise about Pq — (0,0) until it hits 
a Pi — the first segment of the Newton polygon is the line PqPi x where P^ is the point 
furthest from Po on the rotated _y-axis. Repeat the process rotating about P^, etc.. The 
resulting polygon starts at Po and ends at P n ; each of its segments begins and ends at a Pi ; 
each Pi either lies on the polygon or is above it; any line joining two points of the polygon 
has no point that is below the polygon (this is what we mean by the Newton polygon being 
lower convex). 

6 Most people write the polynomial ao + a\X + ■■■ + X" when they define Newton polygons. This is 
slightly less convenient than the way I do it, but allows you to define the Newton polygon of a power series. 
7 See mol5703 for an explanation of what Newton did. 
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Proposition 7.44 Suppose that the Newton polygon of f(X) 6 K[X] has segments of 
x-length iti and slope Sj . Then f (X) has exactly m roots a (in K al ) with 

ord(a) = Si . 

Moreover, the polynomial fi (X) = Hordfa )=s — a ») nas coefficients in K. 

PROOF. In proving the first part, we don't have to assume that / (X) has coefficients in K 
— any finite extension of K will do. Thus it suffices to prove the following statement: let 
f(X) = Y\(X — otj); if exactly of the ay's have ord(s,), then the Newton polygon of 
/ (X) has a segment of slope Si and x-length . 

We prove this by induction on n = deg(/). If n = 1, then it is obvious. Assume it for 
n, and put 

g(X) = (X-u) f(X) = X n+1 + biX n + b 2 X n ~ 1 +... + b n+1 . 

Note that b\ = a,- — aa\-\ . 

CASE (i). ord(a) < S\. Recall ord(a + b) > min{ord(fl),ord(&)}, with equality if 
ord(a) ^ orA(b). Using this, one finds that 

the Newton polygon of g is obtained from that of / by adding a segment of slope ord(a) 
and x-length 1, and moving the Newton polygon of / to start at (l,ord(a)). This is what 
the proposition predicts. 

Case (ii). ord(a) — s\. In this case, the initial segment of slope s\ is lengthened by 1, 
and the rest of the polygon is as before. This is what the proposition predicts. 

The remaining cases are similar. 

We now prove the second statement. Let a be a root of f(X), and let m a (X) be the 
minimum polynomial of a. As we saw in the proof of (7.38), ord(a') = ord(a) for all 
conjugates a' of a, i.e., for all roots of m a (X). Because f(a) = 0, m a (X)\f (X), and the 
remark just made implies that in fact m a (X)\fi (X) where Si = ord(a). If fi is a root of 
fi(X)/m a (X), then a similar argument shows that mp(X)\(f, ■/ m a ). Continuing in this 
way, we find that fj (X) is a product of polynomials with coefficients in K. □ 

Example 7.45 Consider the polynomial 8 

f(X) = X 3 + X 2 + 2X- 8. 

By testing ±1, ±2, ±4, ±8 (actually, by asking PARI) one sees that this polynomial is 
irreducible over Q. The Newton polygon of / relative to ord2 has slopes 0, 1,2, each with 
x-length 1. Therefore / splits in Q2[Z], and it has roots ct\, a%, o?3 with ords 0, 1, 2. 

Locally compact fields 

We now look at the compactness properties of our fields. 

8 Keith Conrad suggests changing the polynomial to — X 2 — 2X — 8. As he writes: The roots of this 
are the negatives of the roots of X 3 + X 2 + 2X — 8, so you don't lose anything but you do gain simplicity of 
appearance: having all signs past the leading term equal makes it easier to remember what the polynomial is! 
Perhaps Dedekind himself even used the choice with all negative coefficients; I haven't looked up his paper to 
be sure, but I did check in Hensel's 1894 Crelle paper on extraordinary prime factors of the discriminant that 
he wrote the polynomial as X 3 — X 2 — 2X — 8. 
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Proposition 7.46 Let K be complete with respect to a nonarchimedean discrete absolute 
value. Let A be the ring of integers in K and let m be the maximal ideal in A. Then A is 
compact if and only if A/m is finite. 

PROOF. Let S be a set of representatives for A/m. We have to show that A is compact if 
and only if S is finite. 

=>■: Clearly m = {x e K \ \x\ < 1} is open in K. As A is the disjoint union of the open 
sets s + m, s e S , S must be finite if A is compact. 

•<=: Recall that a metric space X is compact if and only if it is complete and totally 
bounded (this means that for any r > 0, there is a finite covering of X by open balls of 
radius r). But every element of A can be written 

S + S\Tl + S 2 7Z 2 H \-S„7T n -\ , J, £ S. 

For a fixed n, there are only finitely many sums 

So + S\Tl + S2JT 2 H \-S n JT n , SjSS, 

and every element of A is within \n n+1 | of such an element. □ 

Corollary 7.47 Assume that the residue field is finite. Then p", 1 + p", and A x are all 
compact. 

Proof. They are all closed subsets of A. □ 

Definition 7.48 A local field is a field K with a nontrivial absolute value | | (as defined 
at the start of this section) such that K is locally compact (and hence complete). 

Remark 7.49 It is possible to give a complete classification of local fields. 

(a) Let K be a field that is complete with respect to an archimedean absolute value | | ; 
then K is isomorphic to E or C, and the absolute value is equivalent to the usual absolute 
value (also a theorem of Ostrowski). 9 Thus for archimedean absolute values, completeness 
implies local compactness. 

(b) A nonarchimedean local field K of characteristic zero is isomorphic to a finite ex- 
tension of Q p , and the absolute value is equivalent to the (unique) extension of the />-adic 
absolute value. (To prove this, note that, by assumption, K contains Q. The restriction 
of | | to Q can't be the trivial absolute value, because otherwise A x wouldn't be compact. 
Therefore (see 7.12) | | induces a absolute valuen on Q equivalent to the p-adic absolute 
value for some prime number p. The closure of Q in K is therefore Q p . If K has infinite 
degree over Q p , it will not be locally compact.) 

9 Here is a sketch of the proof. The field K contains Q, and the restriction of | | to Q is the usual absolute 
value. Therefore K contains R, and after adjoining a square root of — 1 (if necessary), we may assume K D C. 

Let x e K x C, and let c be the closest element of C to x. Replace x with x — c, so that now \x — z\ > \x\ 
for all z in C. It follows that 

\x"-z"\ = \x-z\\x-^z\\x-^ 2 z\--->\x-z\\x\"-\ 

where f is a primitive nth root of 1. 

On choosing \z\ < 1 and letting n -*■ oo, we find that \x\ > \x — z\. Hence \x — z\ = \x\ and so (taking x — z 
in place of x) \x — 2z\ = \x\, and thus (repeating the argument) | x — nz \ = \x\, contradicting the archimedean 
property. 
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(c) A nonarchimedean local field K of characteristic p ^ is isomorphic to the field 
of formal Laurent series k((T)) over a finite field k. The field k((T)) is the completion 
of k(T) for the absolute value defined by the ideal (T) C k[T]; it consists of finite-tailed 
formal power series: 

oo 
i>—n 

Unramified extensions of a local field 

Again K is a field complete with respect to a discrete absolute value | | . To avoid problems 
with separability, we assume that K and the residue field k are both perfect 10 — of course 
in the case we are particularly interested in, K has characteristic zero and k is finite. Let A 
be the discrete valuation ring in K corresponding to | | . 

If L is an algebraic (possibly infinite) extension of K, we can still define 

B = {a e L | |or| < 1} 

p = {a e B | |a| < 1} 
and call B/p the residue field of L. 

Proposition 7.50 Let L be an algebraic extension of K, and let I be the residue held of 
L. The map K' i-> k' sending an unramihed extension K' of K contained in L to its residue 
held k' is a one-to-one correspondence between the sets 

{K' C L, hnite and unramihed over K} {k' C /, hnite over k}. 

Moreover: 

(a) ifK' ±+ k' and K" o k", then K' C K" k' C k"\ 

(b) if K' o k' , then K' is Galois over K if and only if k' is Galois overk, in which case 
there is a canonical isomorphism 

Ga\(K'/K)^Ga\(k'/k). 

PROOF. Let k' be a finite extension of k. We can write it k' = k[a]. Let fo(X) be the 
minimum polynomial of a over k, and let f(X) be any lifting of fo(X) to A[X]. As a is 
a simple root of fo(X), Newton's lemma (7.31) shows that there is a (unique) a e L such 

def 

that / (a) = and a = a mod p. Now K' = K[a] has residue field k' . Thus K' i-> k' is 
surjective. Suppose that K' and K" are unramified extensions of K in L with the same 
residue field k' . Then K' ■ K" is an unramified extension 11 of K (see 6.5 and 6.6b) with 
residue field k'. Hence 

[K'-K":K] = [k':k] = [K':K], 

and so K" = K' . 

10 When k is not perfect, we should define L/ K to be unramified if (a) the ramification index is 1, and (b) 
the residue field extension is separable. These conditions imply that L/K is separable. With this definition, 
(7.50) continues to hold without K and k being assumed to be perfect 

11 The results (6.5) and (6.6b) express the discriminant of the composite of K' and K" in terms of the 
discriminants of K' and K", from which it follows that if a prime does not divide the discriminant of K' or of 
K", then it doesn't divide the discriminant of their composite. 
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Statement (a) is obvious. 

Assume K' is Galois over K; then Gal(K' / K) preserves A' (the valuation ring in K') 
and its maximal ideal, and so we get a map Ga\(K' / K) — > Aut(k'/ k). Write k' = k[a], 
and let g(X) e A[X] be such that g(X) e k[X] is the minimum polynomial of a. Let 
a e A' be. the unique root of g(X) such that a = a. Because K' is Galois over K, g(X) 
splits in ^4'[X], and this implies that g(X) splits in A:'[X], and so k' is Galois over k. Let 
/ = [k':k] = [K'\ K], and letai, ••• .«/ be the roots of g(X). Then 

{«!,...,«/} = {aa|ae G&\(L/K)}. 

Because g(X) is separable, the a,- are distinct modulo p, and this shows that the image of 
the map Gal(X' / K) — >• Gal^'/ A:) has order /, and hence is an isomorphism. Conversely, 
suppose k' I k is Galois. Again write k' = k[a], and a € A' lift a. It follows from Hensel's 
lemma that A' contains the conjugates of a, and hence that K' is Galois over K. □ 

Corollary 7.5 1 There is a field Kq c L containing all unramified extensions of K in 
L (called the largest unramified extension of K in L). In fact, it is obtained from K by 
adjoining all roots of 1 of order prime to the characteristic of k. 

PROOF. This is an obvious consequence of the theorem. □ 

Corollary 7.52 The residue field of K al is k al ; there is a subheld K un of K aI such that 
a subheld L of K al , finite over K, is unramified if and only if L C K un . (Recall that we are 
assuming k and K to be perfect.) 

PROOF. Let fo(X) be any polynomial in k[X], and let / (X) be any lift of fo(X) to A[X]. 
Then K al contains all the roots of / (X), and so the residue field k' of K aX contains all the 
roots of fo(X). Hence k' is algebraic over k, and every polynomial in k[X] splits in k', and 
so it must be the algebraic closure of k. □ 

Remark 7.53 For those familiar with the language of category theory, we can be a little 
more precise: there is an equivalence between the category of finite unramified extensions 
of K and the category of finite (separable) extensions of k. 

Example 7.54 Let K be a local field of characteristic zero (hence a finite extension of Q p 
for some p), and let q be the order of the residue field k of K. 

Recall from (FT 4.19) that, for each n, there is an extension k n of k of degree n, and 
that k„ is unique up to k -isomorphism; it is the splitting field of X q — X. The Galois 
group Gal(/c„/ k) is a cyclic group of order n, having as canonical generator the Frobenius 
element x m>- x q . 

Therefore, for each n, there is an unramified extension K n of K of degree n, and 
it is unique up to A'-isomorphism; it is the splitting field of X q — X ; the Galois group 
Gal(K n /K) is a cyclic group of order n, having as canonical generator the Frobenius ele- 
ment a which is determined by the property 

op = fi q (mod p), 

all ft e B. (Here B is the discrete valuation ring in K n , and p is the nonzero prime ideal in 
B.) 
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Totally ramified extensions of K 

Let AT be a complete discretely- valued nonarchimedean field, and let n be a local uniformiz- 
ing parameter for K. A polynomial / (X) e K[X] is said to be Eisenstein if it is Eisenstein 
for the maximal ideal of the ring of integers in K, i.e., if 

f(X) — aoX n +a\X n ~ l -\ \-a n , with |ao| = 1, |a/|<l, |a n | = |tt|. 

Equivalently, 

ord(ao) = 0, ord(a,) > 0, ord(a„) = 1, 

for the normalized additive valuation. Equivalently, the Newton polygon of / (X) has only 
one segment, which has slope A n = degf. Eisenstein polynomials allow us to give an 
explicit description of all totally ramified extensions of K. 

Proposition 7.55 Let L he a finite extension of K. Then L/K is totally ramified if and 
only if L = K[a] with a a root of an Eisenstein polynomial. 

PROOF. <=: Suppose L = K[a] with a a root of an Eisenstein polynomial / (X) of degree 
77. If ord is the extension of the normalized discrete (additive) valuation on K to L, then 
ord(a) = l/n. This implies that the ramification index of L/K is > n. But it can't be 
greater than n, and so it is exactly n — L is totally ramified over K. (Compare the proof of 
6.2.) 

Suppose L is a totally ramified extension of K of degree n. Let a be a generator 
of the maximal ideal in the ring of integers in L; thus ord(a) = l/n if ord extends the 
normalized discrete valuation on K. The elements I, a, ...,a n ~ l represent different cosets 
of ord(^ x ) in ord(L x ), and so it is impossible to have a nontrivial relation 

au + a\a-\ h a n -\a n ~ x = 0, cij e K 

(because of 7.11). Hence L = K[a]. The elements I, a, .. . ,a n ~ l ,a n are linearly dependent 
over K, and so we have a relation: 

a n + a\a n ~ l H hfl n = 0, a, e K. 

Applying (7.11) again, we see that the minimum ord of a summand must be attained for two 
terms. The only way this can happen is if ord(a ; ) > for all i and ord(a„) = ord(a") = 1, 
i.e., if ^2diX l is an Eisenstein polynomial. □ 

Remark 7.56 Let L be a finite totally ramified extension of K. Let A and B be the 
discrete valuation rings in K and L, and let n and 77 be a prime elements in A and B. I 
claim that B = A [77]. The argument is the same as in the proof of 6.2 (see also Exercise 
6-1). Because B and A have the same residue field, 

y4[77] + 77S = B. 

The discriminant of 1 , 77, 77 2 , ... is a unitx?r m for some m, and so 

p c B C ^[77] C B 

for some c. As before, these two conditions suffice to imply that B = A [77]. 
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Ramification groups 

Let L be a finite Galois extension of K, and assume that the residue field k of K is perfect. 

def 

As we have noted, G = Gal(L/K) preserves the absolute value on L. In particular, it 
preserves 

B = {a € L | \a\ < 1}, p = {a e L \ \a\ < 1}. 

Let TJ be a prime element of L (so that p = (77)). We define a sequence of subgroups 
G D Go D G\ D ■ ■ ■ by the condition: 



The group Go is called the inertia group, the group G\ is called the ramification group, 
and the groups G, • , z > 1 , are called the higher ramification groups of L over ^. 

Lemma 7.57 The Gi are normal subgroups of G, and Gi = {1} fori large enough. 
Proof. For o,x e G, 



(because |x| = |rx|). As a runs through B, so also does ta, and so r'tri e G, exactly 
when ct does. This proves that G, is normal. 

If a 7^ 1, then aa ^ a for some a e B. Hence a ^ G, as soon as |aa — a\ > |77| ! . □ 

THEOREM 7.58 Let L/K be a Galois extension, and assume that the residue field exten- 
sion I Ik is separable. 

(a) The fixed field of Go is the largest unramified extension Kq of K in L, and 



PROOF, (a) Let ^o be the largest unramified extension in L (see 7.51). Then oKq is also 
unramified, and so it is contained in ^o- Thus K® is Galois over K, and the canonical map 
Ga^A'o/A') — >• Gal(///t) is an isomorphism (see 7.50). By definition Go is the kernel of 
G ->• Gal(/ / k), and so ^o is its fixed field. 

(b) Let Ao be the discrete valuation ring in Kq. Then B = Aq[11\ (by 7.56). Since Go 
leaves Aq fixed, in order to check that o € Gi it suffices to check that \oa — a\ < |/7| ! for 
the element a = TJ. □ 

Corollary 7.59 We have an exhaustive filtration G D G D • ■ ■ such that 

G/G = Gal(///c); 

G /Gi^/ X ; 

Gi/Gi+i^l. 
Therefore, if k is finite, then Gal(L/ K) is solvable. 

PROOF. Let a e Go; then a/7 is also a prime element and so all = ull with u a unit in 
B. The map ubm mod p is a homomorphism Go — >• l x with kernel G\. 

Let a e G t . Then \aTJ-n\ < \Il\ i+x , and so all = TJ + aTJ i+1 some a 6 B. The 
map a h-> a (mod p) is a homomorphism G/ — >• / with kernel G/+i . □ 




t ffitt — a | = |a(ra) — (ra)\ 



G/G = Gal(^ /^) = Gal(//fc). 



(b) For / > 1 , the group 



d = {a e G | |(r77-77| < |77|'}. 
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An extension L/K is said to be wildly ramified if p\e where p = char(/c). Otherwise 
it is said to be tamely ramified. Hence for a Galois extension 

L/K is unramified •<=> Go = {1}, 

and 

L/ K is tamely ramified G\ = {1}. 

Krasner's lemma and applications 

Again let K be complete with respect to a discrete nonarchimedean absolute value | |, 
and extend the absolute value (uniquely) to an absolute value on K al . It is clear from our 
discussion of unramified extensions of K that roots of distinct polynomials / (X) and g(X) 
will often generate the same extension of K; in fact, this will be true if / = g and both 
are irreducible in k[X]. Krasner's lemma and its consequences show that the roots of two 
polynomials will generate the same extension if they are sufficiently close. 

Proposition 7.60 (Krasner's Lemma) Leta,fi e K al , and assume that a is separable 
over K[fi]. If a is closer to f3 than to any conjugate of a (over K), then K[a] C K\fi]. 
PROOF. Let a be an embedding of K[a,f5] into K al fixing K\fi\. By Galois theory, it 
suffices to show that era = a. But 

\aa — p\ = \oa — ofi\ = \a — /3\ 

because ofi = ft and \o * | = | * |. Hence 

\aa — a\ = \oa — /3 + ^ — a\ < \a — fi\. 

Since era is a conjugate of a over K, the hypothesis now implies that aa = a. □ 

Now assume K has characteristic zero (to avoid complications). As before, for h(X) = 
^CiX 1 , we define \\h\\ = max{|c/ 1}. Note that if h(X) varies in a family of monic polyno- 
mials for which \\h\\ remains bounded, then the maximum value of a root of h is bounded; 
in fact, if 

we must have < \cj f3 J \ for some j < n, and so \ fi\ n ~ J < \cj\. 
Fix a monic irreducible polynomial / (X) in ^[X], and let 

f(X) = Y\(X-ai), ai eK* 1 . 

The ai must be distinct. Let g(X) be a second monic polynomial in and suppose 

that II/ — g|| is small. For any root /J of g(X), \f(fi)\ = \(f — g)(fi)\ is small (because 
11/ — g|| small implies that ||g|| is bounded, and hence \ f} \ is bounded). But 

i/08)i =n^-««-i. 

In order for this to be small, at least one term | y0 — or/ 1 must be small. By taking || / — g|| 
small enough, we can force ^ to be closer to one root a,- than a,- is to any other oij . That is, 
we can achieve: 

\fi -Ui | < | a; -ay |, all j ^ i. 

In this case, we say that ft belongs to a,. Krasner's lemma then says that K[at] C K[/3], 
and because / and g have the same degree, they must be equal. We have proved: 



132 



7. Absolute Values; Local Fields 



Proposition 7.61 Let f(X) be a monic irreducible polynomial of K[X]. Then every 
monic polynomial g(X) e K[X] sufficiently close to f(X) is also irreducible, and each 
root f$ of g(X) belongs to some root a of f (X). For such a root K[u] = K\fi]. 

Corollary 7.62 Let K be a finite extension ofQ p . Then there is a finite extension L of 
Q contained in K such that [L:Q] = [K: Q p ] and L ■ Q p = K. 

PROOF. Write K = Q p [a], and let f(X) be the minimum polynomial of a over Q p . 
Choose g(X) e Q[X] sufficiently close to f(X), and let L = Q\fi] for ft a root of g(X) 
belonging to a. □ 

Fix a monic polynomial / in ^[^], and let a\,a2, ■ ■ ■ be its roots in K a{ . As a second 
monic polynomial g in K[X] approaches /, each root /3, of g approaches some root otj{i) of 
/, and the function i doesn't change once g is close. Let f s (X) be the polynomial 

with roots the ocjn) (possibly with repetitions). Then, when g is close to /, it is close to f s 
because each of its roots is close to the corresponding root of f s . But if we choose g to be 
closer to / than / is to any possible f s , this will be impossible. We have proved: 

Proposition 7.63 Assume K is of characteristic zero. If two monic irreducible polyno- 
mials f and g are sufficiently close, then each root of g will belong to exactly one root of 
f, and so 

{K[a] | a a root of f} = {K[fi] \ a root of g}. 

PROPOSITION 7.64 Assume K has characteristic zero and has finite residue held. Then, 
up to isomorphism, there are only finitely many totally ramified extensions of Q p of a given 
degree. 

PROOF. We fix an n and show that there are only finite many extensions of degree < n. 
Each point of 

(ai,...,a„) epxpxpx---xA x K 
defines an Eisenstein polynomial of degree n, namely, 

f(X) = X n +a l X n - 1 + --- + a n , 

and hence a finite set of totally ramified extensions of degree n , namely, those generated by 
the roots of / (X). According to the last proposition, each point ofpxpxpx---x^4 x jr 
has a neighbourhood such that the points in the neighbourhood all give the same extensions 
of K. In (7.47) we showed that the factors ofpxpxpx---x^4 x ?r are compact, hence the 
product is compact, and so a finite number of these neighbourhoods will cover it. □ 

Remark 7.65 We proved above that 

(a) every finite extension L of K contains a largest unramified extension of K; 

(b) for each m > 1, there is an unramified extension of degree m of K, and any two such 
extensions are ^-isomorphic. 

Fix an n; then each extension L of K of degree n can be realized as a totally ramified 
extension of degree n/mof the (unique) unramified extension of degree m, some m dividing 
n. Clearly there are only finitely many such L's (up to /^-isomorphism). 
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Exercises 

7-1 Let | • 1 1, . . . , | • \ n be the absolute values on a number field K corresponding to distinct 
prime ideals p,, and let a\, . . . ,a n be elements of K. Let d be a common denominator for 
the a,- (so that dai e Ok)- Show that, for every s > 0, there is an element a € K such that 
\a — a,i\i < s for i = \,...,n and \a\ < l/\d\ for all absolute values | • | corresponding to 
prime ideals other than the pi. 

Hint: Apply the Chinese Remainder Theorem to the daj. 

7-2 Let | | be nonarchimedean absolute value on a field K. 

(a) Define an open disk with radius r and centre a to be 

D(a,r) = {x e K \ \x — a\ < r}. 

Prove that D(a,r) = D(b, r) for any b e D(a,r). Deduce that if two disks meet, then the 
large disk contains the smaller. 

(b) Assume K to be complete. Show that the series ^a n converges if and only if 
a„ 0. 

(This problem illustrates the weirdness of the topology defined by a nonarchimedean abso- 
lute value.) 

7-3 For which a e Z is IX 2 = a solvable in Z7? For which a e Q is it solvable in Q7? 

7-4 (a) Show that (X 2 - 2){X 2 - \1)(X 2 - 34) has a root in % p for every p. 

(b) Show that 5X 3 - IX 2 + 3X + 6 has a root a in Z 7 with \a - 1| 7 < 1. Find an a € Z 
such that \a — a\i < 7 -4 . 

7-5 Find all the quadratic extensions of <Q>2- Hint: there are exactly 7 (up to isomorphism). 

7-6 Let pi,..., p m be distinct prime numbers, and let a,- = Jp~. Let K = Q[ai , . . . , a m ]. 
Show that [K:Q] = 2 m . Let y = Show that K = Q[y], and deduce that the minimum 

polynomial f(X) of y over Q has degree 2 m . Show that f(X) factors in 7L P \X\ into a 
product of polynomials of degree < 4 (p 7^ 2) or of degree < 8 (p = 2). 

7-7 Fix an algebraic closure Q^ 1 of Q p , and for each n prime to p, let be a primitive 
«th root of 1. Show that a finite extension K of Q p can contain only finitely many £„'s. 
Deduce that the Cauchy sequence J] £„p n does not converge to an element of Q p l . 

7-8 (a) Find two monic polynomials of degree 3 in Q5 [X] with the same Newton polygon, 
but with one irreducible and the other not. 

(b) Find a monic irreducible polynomial in Z[X] of degree 6 which factors in Qs[X] 
into a product of 3 irreducible polynomials of degree 2. 
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Global Fields 



A global field is an algebraic number field (finite extension of Q) or a function field in one 
variable over a finite field (finite extension of ¥ q (T) for some q). We are mainly interested 
in the number field case. 

Extending absolute values 

Let K be a field with a absolute value | | (archimedean or discrete nonarchimedean), and let 
L be a finite separable extension of K. When K is complete, we know that there is a unique 
extension of | | to L (see 7.38, 7.39), and we want to understand the extensions when K is 
not complete. 

Write L = K[a], and let f(X) be the minimum polynomial of a over K. Let | |' be 
an extension of | | to L. Then we can form the completion L of L with respect to | |', and 
obtain a diagram: 

L c > L 



K ' > K 

Then L = K[a] because K[a] is complete, being finite over K, and contains L. Let 
g(X) be the minimum polynomial of a over K. Since f(a) = 0, g(X) \ f (X), and so with 
each extension of | |, we have associated an irreducible factor of / (X) in ^[X]. 

Conversely, let g(X) be a monic irreducible factor of f(X) in ^[X], and let K[x] = 
K[X]/ (g(X)). Then we obtain a diagram: 

L < > K[x] 

K < > # 
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According to (7.38, 7.39), the absolute value on K extends uniquely to K[x], and this 
induces a absolute value on L extending | | . 

These two operations are inverse, and so we have proved the following result: 

Proposition 8.1 Let L = K[a] be a finite separable extension of K, and let f(X) be 
the minimum polynomial of a over K. Then there is a natural one-to-one correspondence 
between the extensions of\\toL and the irreducible factors of f (X) in K[X\. 

There is a more canonical way of obtaining the completions of L for the various exten- 
sions of | | . 

Proposition 8.2 Let | | be a absolute value on K (archimedean or discrete nonarchimedean ) 
and let L be a finite separable extension of K. Let K be the completion of K with respect 
to | | . Then \ \ has finitely many extensions | 1 1 , . . . , | |^ to L; if Li denotes the completion 
of L with respect to the absolute value | |,-, then 

L® K K~Y\f =1 Li- (19) 
PROOF. Since L is separable over K, L = K[ot] ~ K[X\/ (/ (X)) for a primitive element 
a € L and its minimum polynomial f(X). Suppose f(X) factors in K[X] as 

f(X) = MX).f 2 (X)-.-f g (X) 

with fi(X) monic and irreducible. Then (see 1.18) 

L® K K = K[a] ® K K* K[X]/((f(X)) ~ n K[X]/(ft (X)) 

and so the proposition follows from (8.1). Denote the canonical map from L into its com- 
pletion by a i-> at , and denote the canonical extension of K — > L,- to K by b i-> b; then the 
map (19) is a ®b \-> {ci\b, . . . ,a g b). □ 

Remark 8.3 Suppose now that AT is a number field, that Ol = Ok[&], and that | | = | L 
for some prime ideal p in Ok- Because fi(X) is irreducible in Hensel's lemma 

shows that, modulo p, fi (X) is a power of an irreducible polynomial, say, 

fi(x) = gi (xr. 

Then 

and (3.41) tells us that 

pO L = UV e ^ % = (p, gi (a)). 

The absolute values extending | | p correspond to the primes and so the two descriptions 
of the extensions agree. 

Corollary 8.4 In the situation of the Proposition, for any element a e L, 

Nm L/K (a) = n Nm L; /R (a) , Tr L/K (<*) = £ Tr L; /K (a) . 
(in the i th factor or summand on the right, a is regarded as an element of Li). 
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PROOF. By definition the norm and trace of a are the determinant and trace of the AMinear 
map x i— >■ ax: L — > L. These don't change when L is tensored with K, and it easy to see 
that norms and traces in products break up into products and sums respectively. □ 

Example 8.5 According to PARI 

f(X) = X 6 + 5X 5 + 5X 3 + 25X + 125 

is irreducible in Q[X]. Its Newton polygon for ords has three segments of x -lengths 3, 2, 1 
respectively, and so it has at least three factors in Q5. The discriminant of / (X) is 

2 4 5 n (59)(365587), 

and so according to (7.37), to find the number of factors of f(X) in Qs[X], it suffices to 
factor in modulo 5 . Better, according to Pari, f(X) has exactly 3 irreducible factors in 
Q 5 [X], namely, 

X + (5 + 4-5 2 + 2-5 3 ) + 0(5 4 ) 

X 2 + (3 ■ 5 2 ) X + (5 + 5 2 + 3 ■ 5 3 ) + 0(5 4 ) 

X 3 + (3 • 5 2 + 5 3 )X 2 + (4 • 5 + 3 ■ 5 2 ) X + 5 + 0(5 4 ) 

(Type f actorpadic (f ,p,r) where r is the precision required.) 
Suppose have a factorization 

f(X) = MX)f 2 (X)MX) 

(to whatever degree of accuracy we wish). To compute \/3\i, map fi = Yl c j aJ to Pi = 
^Cjuj 6 Li = Qs[a ; -], Qfj a root of fi(X), and use that 

^|, = |A|/ = |Nm Li . /Q5i 6|, 1/deg/ '-. 

The product formula 

Before proving the product formula for a number field, we need one extra fact for local 
fields. 

Let K be a local field with normalized absolute value | | . Recall that this means that | 
is the usual absolute value if K is M, the square of the usual absolute value if K is C, and 
\a\ = (l/Np) ord ( a ) if the absolute value is defined by a prime ideal p. 

Let L be a finite separable extension of K, and let | | be the unique extension of | | to 
L. Let I I be the normalized absolute value on L corresponding to | |. What is the relation 
of || || to I I? 

Lemma 8.6 In the above situation, \\a\\ = \a\ n , where n — [L:K\. 

PROOF. When K is archimedean, there are only two cases to consider, and both are obvi- 
ous. Thus, assume K is nonarchimedean. Since, by assumption, || || = | | c for some c, we 
only have to check that the formula holds for a prime element n of K. Let TJ be a prime 
element of L, and let ^ = (77) and p = (tz); then jz = (unit) x 77 e , and so 

|| || = \\n e \\ = (l/N*P) e = (1/Np) e/ = |7r| n , 
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as required. 

Alternatively, use (7.43). For a e K,we have 

||a|| d ^ f T^r ordz - fl (? = 3) (Np / )- e -° rd ^ fl = \a\ ef = \a\ n . a 

Proposition 8.7 Let Lj K be a Unite extension of number fields. For any prime v of K 
and a e L , 

}~[|MU = \\Nm L / K a\\ v . 

w\v 

Here \\ \\ w and || \\ v denote the normalized absolute values for the primes w and v. 
PROOF. Let | = 1,2,. ,.,g, be the extensions of || \\ v to L, and let || || 2 - be the normal- 
ized absolute value corresponding to | |/. Then 

II Nm L/f a || „ = 4 || ]lf = i Nm L . /& a\\ v = Y\f= i II Nm L . jk a \\ v 



7.38 Y-rg . .n: 8.6 f-rg 

= nf=iH- = nf=iiiai 



where m — [Li'.K]. 



Theorem 8 . 8 (Product formula) Let K be an algebraic number held; for all nonzero 
asK, 

nHliu = i. 
w 

where the product is over the primes of K and || || w is the normalized absolute value for the 
prime w. 
Proof. We have 

EL Mw = HL (n«,| V n«iu) (8 = 7) nji Nm ^/Q a ^ 

where v runs through the primes 2,3,5,7, ...,oo of Q. The last product is 1 by (7.13). □ 

Aside 8.9 E. Artin and Whaples (1946) 1 proved that global fields can be characterized axiomati- 
cally. Let K be a field with a set 23 of primes (equivalence classes of absolute values) satisfying the 
following axioms. 

Axiom I. There is a set of representatives | |„ for the primes such that, for any nonzero a e K, 
\a\ v ^ 1 for only finitely many v and 

Y\ |a| v = 1 (product over all v e 23). 

Axiom II. There exists at least one prime v for which K v is a local field. 
Then K is a global field, and 23 consists of all the primes for K. They then derived the main theorems 
(unit theorem and finiteness of the class number) directly from the axioms, thereby avoiding the use 
of either ideal theory or the Minkowski theory of lattice points. 

Throughout his career, E. Artin promoted the idea that if only one could understand the similar- 
ities between function fields and number fields sufficiently well, then one could transfer proofs from 
function fields to number fields (e.g. the proof of the Riemann hypothesis!). This hasn't worked 
as well as he hoped, but the analogy has still been very fruitful. In the above paper, he suggested 
one should develop number theory and class field theory as much as possible working only from the 
axioms. 



'Artin, Emil; Whaples, George. Axiomatic characterization of fields by the product formula for valuations. 
Bull. Amer. Math. Soc. 51,(1945). 46SM-92. Reprinted in: Artin, Emil. Exposition by Emil Artin: a selection. 
Edited by Michael Rosen. History of Mathematics, 30. American Mathematical Society, Providence, Rl; 
London Mathematical Society, London, 2007. x+346 pp. 



138 



8. Global Fields 



Decomposition groups 

Let L be a finite Galois extension of a number field K, and let G = Gal(L/K). For a 
absolute value w of L, we write aw for the absolute value such that |era;| CTlt , = \a\ w , i.e., 
\&\ow = I cr 1 or | ^ . For example, if w is the prime defined by a prime ideal <}3, then aw is 
the prime defined by the prime ideal er*p, because 

W\aw < 1 -<=>• a~ l a e a e a*p. 

The group G acts on the set of primes of L lying over a fixed prime v of K, and we define 
the decomposition (or splitting) group of w to be the stabilizer of w in G; thus 

G w = {a e G | ctw = u;}. 

Equivalently, G w is the set of elements of G that act continuously for the topology defined 
by | |u;. Each a e G w extends uniquely to a continuous automorphism of L w . Note that 
Gxw = tG w t 

Proposition 8.10 The homomorphism G w — > Gal(L w / K v ) just defined is an isomor- 
phism. 

PROOF. Clearly the map is injective, and so (G w : 1) < [L w : K v \. The absolute value aw 
has decomposition group oG w o~ l , which has the same order as G w , and so we also have 
(G w : 1) < [L aw : K v }. The number of distinct wjs dividing v is (G : G^), and so 

(G : 1) = (G : G W )(G W : 1) < £ [L au , : A^] <f [L : K]. 

a€G/G w 

Hence equality holds: (G w : 1) = [L w : K v ] (and G acts transitively on the primes dividing 
v, which we knew already from the proof of 3. 34). 2 □ 

Let D(<£) (or GCP)) be the decomposition group of so that £>(<£) = GeA(Ly/ K p ), 
and let C D(^) be the inertia group. We have the following picture: 



q3 



L 



L 



f 



f 



f 



D(«P)//(«P) 



P K 



2 Altemative proof: If a e Gal(L w / K v ), then the restriction a\j j of a to L is clearly a A"-automorphism of 
L, and it fixes id as a is an automorphism of a local field. Hence the restriction of a to L is an element of the 
decomposition group of w. This map is the inverse of the one in the statement of the proposition. 
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Here: 

qj/ = ynL I ® s >,y D = ynL D ® s >,p = ynK; 

the fields in the second column are the completions of those in the first; 
the fields in the third column are the residue fields of those in the second. 

Proposition 8.11 (a) The only prime ideal of L lying overdo is 

(b) The prime ideal is unramihed in L 1 , and f(tyi /*$£>) = /(Wp)- 

(c) The prime ideal is totally ramified in L, and e(^/^j) = e(^/p). 

(d) If is norma] in G, then 

pO LD = Y\o¥ D 
where the product is over a set of representatives for G/ £>CP). 

PROOF, (a) Because L is Galois over L D ^,its Galois group D(?fi) acts transitively on the 
set of prime ideals of L lying over tyo- Thus (a) is obvious from the definition of Dffl). 
(b), (c), (d) are similarly straightforward. □ 

The diagram, and the proposition, show that we can construct a chain of fields 

L D L l D L D D K 

such that all the ramification of *p over p takes place in the top extension, all the residue 
field extension takes place in the middle extension, and, when L D is normal over K, all the 
splitting takes place in the bottom extension. One should be a little careful about the last 
assertion when Z)(*}3) is not normal in G; all we know in general is that 

with e\ = 1 = f\ (i.e., in general p will not split completely in L D ). 

Remark 8.12 Let L be a Galois extension of Q, with Galois group G. Suppose that 
Ol = 1\oi\ for some a e L. Let / (X) be the minimum polynomial of a over Q, and write 
/ (X) for / (X) modulo p. Choose an irreducible factor g\ (X) of / (X), and let g\ (X) ei 
be the largest power of g\ (X) dividing / (X). According to Hensel's lemma, gi (X) ei lifts 
to an irreducible factor f\ (X) of / (X) in Q p [X], which can be found to any desired degree 
of accuracy by factoring f(X) modulo a high power of p (essentially using the method of 
proof of Hensel's lemma). Let *Pi = (p, h\ (a)) for any lifting h\ of g\ to Z[X]. Then 

D(¥ l ) = {osG |a*Pi =<Pi}, 

which can be computed easily (provided G has been found explicitly as a subgroup of the 
symmetric group on the set of roots of / (X)). Let a be the image of a in Ol/^i = F p [a]. 
Then g\ (X) is the minimum polynomial of a over ¥ p , and 7(*Pi) is the subgroup of -DC^i) 
fixing a. Finally D(<Pi)//(*Pi) = Gal(F p [a]/F p ). 
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Assume M is Galois over K with Galois group G, and that H is the subgroup of G 
fixing L. (Recall D(^) and G(*}3) are two notations for the same object.) 

Proposition 8.13 Let be a prime ideal inC>M, and let^ L = n L . 

(a) The decomposition group H(?fi) of *p over L is G(*}3) D H. 

(b) Suppose further that H is a normal subgroup of G, so that G/H is the Galois group 
of L/K. The decomposition group of^L over K is the image of G(*P) in G/H. 

Proof, (a) Clearly 

#CP) = {cr € G | a e H, = <£} = H n G(«P). 
(b) This is equally obvious. □ 



The Frobenius element 

Let L/K be a Galois extension of number fields with Galois group G. Given an ideal *p 
of L that is unramified in L/ K we define the Frobenius 3 element a = (*}3, L/K) to be the 
element of G( $ P) that acts as the Frobenius automorphism on the residue field. Thus a is 
uniquely determined by the following two conditions: 

(a) a e G(<P), i.e., a<£ = <£; 

(b) for all a e Ol, a a = a q mod *p, where q is the number of elements in the residue 
field <D K /p,P = ynK. 

We now list the basic properties of (*p, L/K). 
8.14 Let r^p be a second prime dividing^, r 6 G. Then G(r*}3) = rG(*P)r , and 

(t?p,L/X) = x(^,L/K)x~ x . 

3 Here is a direct proof of the existence of the Frobenius element. Let L/K be a finite Galois extension 
of number fields with Galois group G, and let ?p be a prime ideal of Ol (not necessarily unramified). By the 
Chinese remainder theorem, there exists an element a of Ol such that a generates the group (Ol/^3) x and 
lies in t*P for all r £ G(«JJ). Let F(X) = UreG ( x ~ xa )- Then F(a) = mod % and so F(a 9 ) = F(a)« = 
mod ?p. Therefore ofl = aa mod <}3 for some o" e G. If ct ^ G(*}3), then (j _1 ?p 7^ <p, and so a 6 a _1< P; but 
then a 9 = = mod <p, which is a contradiction. Thus <r 6 G(^P). Every element y of Ol can be written 
y = a' + p, with P e ^3, and so 

ay = ff(a') = a lq = Y q mod ^p. 
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Proof. Let aeOi; then 

TOT~ l (a) = T((r~ 1 a) q + a), some a € and 
T((T~ 1 a) q + a) = a q + za = a q mod xty. D 

Thus if Gal(L/K) is abelian, then (ty,L/K) = ffl,L/K) for all primes «£, <p' dividing 
p, and we write (p, L/K) for this element. If Gal(L / K) is not abelian, then 

{(%L/K)\<$\p} 

is a conjugacy class in G, which (by an abuse of notation) we again denote (p,L/K). 
Thus, for a prime p of K, (p, L/K) is either an element of Gal(L/ K) or a conjugacy class 
depending on whether Gal (L/ K) is abelian or nonabelian. 

8.15 Consider a tower of fields 
M 

L y 

K p 

and assume thatO. is unramified over p; then 

(Q,M/K) mi9) = (0.,M/L). 

PROOF. Let k(£X) D k(ty) D k(p) be the corresponding sequence of residue fields. Then 
/(<P/p) = [Jk(qj) : jfc(p)], and the Frobenius element in Gal(ife(Q)/it(q})) is the /(WP)* 
power of the Frobenius element in Gal(/c (£}) / k(p)). □ 

8.16 In (8.15), assume that L is Galois over K; then 

(Q,M/K)\L = (%L/K). 
Proof. Obvious. □ 

Let L\ and Li be Galois extensions of K contained in some field Q, and let M = 
L \ ■ L2- Then M is Galois over K, and there is a canonical homomorphism 

cn-+(o-\Li,a\L 2 ):Gal(M/K)^Gal(L l /K)xGal(L 2 /K) 

which is injective. 

8.17 Under the above map, 

(Q,M/K)^(y 1 ,L 1 /K)x(y 2 ,L 2 /K). 
Proof. This follows from (8.16). □ 

Note that p splits completely in L if and only if (*p, L/K) — 1 for one (hence all) primes 
*}3 lying over it. Hence, in the situation of (8.17), p splits completely in M if and only if it 
splits completely in L\ and L 2 . 
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Examples 

We find the Frobenius maps for quadratic and cyclotomic fields, and obtain a surprisingly 
simple proof of the quadratic reciprocity law. 

Example 8.18 Let K = Q[£ n ], where is a primitive «th root of 1. If p\n then p 
ramifies in K, and (p, K/Q) is not defined. Otherwise a = (p, K/Q) is the unique element 
of Gal(X/Q) such that 

oa = a p mod p, for all a e Z[£„], 

for any prime ideal p lying over p. 

I claim that a is the element of the Galois group such that a(^ n ) = t,n'- l et p be a prime 
lying over p in Z[£ n ]; then modulo p, we have, 

*G>#) = E^ = E«f & = 

as required. 

Note that (p,K/Q) has order / where / is the smallest integer such that n\p* — I 
(because this is the order of p in (Z/ (»)) x ). 

Example 8.19 Let ^ = Q[y/d], and let /? be a prime that is unramified in K. Identify 
Gal(X/Q) with {±1}. Then (p,K/Q) — +1 or —1 according as p does, or does not, split 
in K, i.e., according as d is, or is not, a square modulo p. Thus (p, K/Q) = (^). 

Application: the quadratic reciprocity law 

Let K = Q[f], where £ is a primitive pth root of 1, p ^ 2. Because Gal(X/Q) ~ (Z/pZ) x 
is cyclic of order p — 1, it contains a unique subgroup of order (p — l)/2 (consisting of the 
elements of (Z/ /?Z) X that are squares), and hence ^ contains a unique quadratic extension 
F of Q. If /> = 1 mod 4, then /> is the only prime ramifying in Q[*/p], and Q.[y/~p] is 
the only quadratic field for which this is true. Similarly if p = 3 mod 4, then —p = \ 
mod 4, and —p is the only prime ramifying in Q[*J—p]. Thus F = Q[«/d] where <i = 

( _l)0>-D/2.^ 

If g is an odd prime ^ then 

Thus A"/Q) restricts to the identity element of Gal(Q[vZ]/Q) or not according as q is a 
square in (Z/ />Z) X or not. Thus (g, /T/Q)|Q[ v / <i] = (^). But we know that it is also equal 

to (|). Hence 

(p-D/2 

' "* = (_()</' -0/4. 

Here we have used that —1 is square in F g if and only if A\q — 1, so that (^-) = (— l)^ -1 )/ 2 . 
The displayed formula, together with the equalities 





= f_n0>-i)/2 = j 1 if^ = lmod4 
V ; ( -1 if p = 1 mod 4 

= r-n^ 2 - 1 )/ 8 = f 1 if ^ = ± lm od8 

v ; ( -1 if p = ±5 mod 8, 
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constitutes the quadratic reciprocity law. We have already proved the first equality, and the 
second can be proved as follows. Let £ be a primitive 8th root of 1 in an algebraic closure 
of F p , and let a = £ + From £ 4 = — 1, we see that 

X 4 + l = (X 2 -i; 2 )(X 2 -^- 2 ) in¥ p [X] 

because the roots of both polynomials are ±£, ±£ _1 . Therefore, £ 2 + £ -2 = 0, and so 
a 2 = 2. When p = ±1 mod 8, + = £ + £~\ i.e., a ? = a, and so 1 = a p_1 = 

2 0>-D/2 = (|) When p = ±5 mod g> £p + £-p = j-5 + £-5 = _(£ + J e ; fl P = _ a? 

and so-l = ^- 1 =2^- 1 )/ 2 = (|). 

Computing Galois groups (the hard way) 

Let / (X) be a polynomial over a field K, and let a\ a n be the roots of / (X) in K al . 

We want to determine the Galois group of / as a subgroup of the group of permutations S n 
of {ai,... ,a n }. 

Introduce variables t\,...,t n . For any er e S n and polynomial f(ti,...,t n ), define 
cr f / = f(t a (i),...,tcr(n)). Let ^ = ^ciiti, and define a polynomial 

= - o - ^) (product over a e 

The coefficients of this polynomial are symmetric polynomials in the a, , and so lie in K. 
Now factor 

F(X,t) = F 1 (X,t)---F r (X,t) 

in K[X, h,...,t»]. 

Theorem 8.20 LetG be thesetofa € S n such thato t fixes Fi(X,t); then G is the Galois 
group of f. 

PROOF. See van der Waerden, Algebra, Vol 1, §61 (Calculation of the Galois group). □ 

This theorem gives an algorithm (unfortunately impractical) for computing the Galois 
group of a polynomial f(X) e Q[X]. We may suppose f(X) to be monic with integer 
coefficients. First find the roots of f(X) to a high degree of accuracy. Then compute 
F(X,t) exactly, noting that this has coefficients in Z. Factor F(X,t), and take one of the 
factors Fi(X,t). Finally list the elements a of S n such that a t fixes F\(X,t). The problem 
with this approach is that F{X,t) has degree n\. It will probably work (on a computer) if 
n < 5, but otherwise it is like trying to compute a determinant directly from the definition 
as a sum of products. 

Computing Galois groups (the easy way) 

We now give a more practical procedure (also largely in van der Waerden with a more direct 
proof). 

Proposition 8.21 Let f(X) be a monic separable polynomial of degree n over a field 
K, and suppose that the Galois group G of f (X) has s orbits (as a group of permutations 
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of the roots of f) with ri\,,..,n s elements respectively (so that n \ + n 2 H h n s = n); 

then there is a factorization 

f(X) = MX)-MX) 

with fi (X) an irreducible polynomial in K[X] of degree tii . 

Proof. Write f{X) = \\(X-ai). For S C {1,2 n}, consider f s = \\ ieS (X-ai). 

This polynomial divides f(X), and it is fixed under the action of G (and hence has coeffi- 
cients in K) if and only if S is stable under G. Therefore the irreducible factors of f(X) 
are the polynomials fs with S a minimal subset of {1, .. .,«} stable under G, but such sets 
S are precisely the orbits of G in {1, 2, ... ,«}. □ 

Let a e S n . In GT 4.26, it is proved that a is a product of disjoint cycles. More precisely, 

if 

ox = {m n ,...,m lni }, o 2 = {m 2 i,--- ,m 2 n 2 }> ••• 

are the orbits of (a) acting on {l,2,...,n}, numbered in such a way that am, y - = m;y+i, 
then 

a = (mn ...mim)- {m 2 \ ...m 2n2 )- .... 
This remark, together with (8.21), gives us the following result. 

COROLLARY 8.22 Let f(X) he a monic separable polynomial of degree n over a finite 
field k, and let I be the splitting field of f(X). Suppose that the Frobenius element a e 
Gal(^/A:) (when regarded as a permutation of the roots of f(X)) is a product of disjoint 
cycles a = Cf-c s with c\ of length n[ (so that ^ «/ = n). Then f (X) factors as a product 
of irreducible polynomials in k[X] 

f(X) = MX)-f r (X) 

with fi of degree ni . 

In other words, the type of the cycle decomposition of a can be read off from the 
factorization of f(X). 

Theorem 8.23 (Dedekind) Let f (X) be a polynomial of degree n over a number field 
K, and let G be the Galois group of f . Assume f (X) e Ok[X] and is monic. Let p be a 
prime ideal of K, and suppose that 

f(X) = MX)--f r (X) modp 

with the f distinct irreducible polynomials in k[X] and f of degree n\, k = Ox/p- Then 
G contains a permutation o that is a product of disjoint cycles of length rii . 

PROOF. Take a to be the Frobenius element of any prime lying over p — the hypothesis on 
the factorization of / (X) mod p implies that p is unramified in the splitting field (because 
it implies that p doesn't divide the discriminant of /). □ 

Remark 8.24 There is a similar statement for real primes, namely, if 

f(X) = MX)-f r (X) 

in R[Z] with f\,...,fj of degree 2 and the remainder of the degree 1, then G contains a 
permutation a that is a product of disjoint j cycles of length 2. 
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This suggests the following strategy for factoring a polynomial Q[X]: factor f(X) 
modulo many primes p; discard the result if f(X) mod p has multiple factors; continue 
until a sequence of, say n, primes has yielded no new cycle types for the elements. Then 
attempt to read off the type of the group from tables. We discuss how effective this is later. 

Example 8.25 Let f(X) = X 5 -X-\. Modulo 2 this factors as (X 2 + X + l)(X 3 + 
X 2 + 1); modulo 3 it is irreducible. Hence G contains (12345) and (ik)(£mn) for some 
numbering of the roots. It also contains ((ik)(tmn)) 3 = (ik), and this implies that G = S5 
(see 8.28 below). 

Lemma 8.26 Let H be a subgroup of S n ; if H is transitive (for example, contains an 
n-cycle) and contains an (n — l)-cycie and a transposition, then H = S n . 

PROOF. After possibly renumbering, we may suppose that the (n — l)-cycle is (1 2 3 ...» — 
1). By virtue of the transitivity, the transposition can be transformed into (in), some i <n — 
1. Now the (n — l)-cycle and its powers will transform this into (1 n), (2 n), (n — \ n), 
and these elements obviously generate S n (because S n is generated by transpositions). □ 

Example 8.27 Select monic polynomials of degree n, fx, fa, with coefficients in Z 
such that 

(a) f\ is irreducible modulo 2; 

(b) fi = (degree l)(irreducible of degree n — 1) mod 3; 

(c) fj = (irreducible of degree 2)(product of one or two irreducible polynomials of odd 
degree) mod 5. We need to choose to have distinct roots modulo 5. 

Take 

/ = -15/! + 10/ 2 + 6/ 3 , 

and let G be the Galois group of /. Then 

(a') G is transitive (it contains an n -cycle because of (a)); 
(b') G contains a cycle of length n — 1 ; 

(c') G contains a transposition (because it contains the product of a transposition with 
a commuting element of odd order). 

The above lemma shows that G = S n . 

Remark 8.28 There are other criteria for a subgroup H of S n to be all of S n . For example, 
a subgroup H of S p , p prime, that contains an element of order p and a transposition is 
equal to 5^ (FT, Lemma 4.14). 

Remark 8.29 In Pohst and Zassenhaus 1989, p73, there are suggestions for constructing 
irreducible polynomials f(X) of degree n in Fp[X]. A root of such a polynomial will 
generate ¥ q , q = p n , and so every such / (X) will divide X q — X. One can therefore find 
all f(X)s by factoring X q - X. 

For example, consider X 125 — X e ¥s[X]. Its splitting field is F125, which has de- 
gree 3 over F 5 . The factors of X 125 - X are the minimum polynomials of the elements 
of F125. They therefore have degree 1 or 3. There are 5 linear factors, X, X — 1, X — 2, 
X — 3, X — 4, and 40 cubic factors, which constitute a complete list of all the monic irre- 
ducible cubic polynomials in Fs[X]. PARI has no trouble factoring X 125 — X modulo 5 
(f actormod(X"125-X,5)) or X 625 - X modulo 5, but for X 3125 - X modulo 5, which 
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gives a complete list of monic irreducible polynomials of degree 1 or 5 in Fs[X], I had to 
increase the allocated memory (alio cat emem( 10000000)). 

However, if you only want one irreducible polynomial of degree n , it is easier to write 
down a polynomial at random, and check whether it is irreducible. 



Cubic polynomials 

The group 5*3 has the following subgroups: 

order group group elements 

1 1 1 

2 C 2 1x1 + 1x2 

3 A 3 1x1+2x3 

6 S 3 1x1 + 3x2 + 2x3. 

By the last row, I mean S3 has one 1 -cycle, three 2-cycles, and two 3-cycles. 

Note that any subgroup of S3 containing cycles of length 2 and 3 is the whole of S3 ; thus 
if / is irreducible modulo some prime and has an irreducible factor of degree 2 modulo a 
second prime, then its Galois group is S3. On the other hand, if factorizing / modulo many 
primes doesn't turn up a factor of degree 2, but / is irreducible, then expect the Galois group 
of / to be A3. This can be checked by seeing whether disc(/) is a square. For example, 
the calculations in Examples 3.48 and 3.49 show that the polynomials X 3 + 10X + 1 and 
X 3 — 8X +15 both have Galois group S3. 

To make this more effective (in the technical sense), we need the Chebotarev density 
theorem. 



Chebotarev density theorem 

Definition 8.30 Let S be a set of finite primes in a number field K, and let P be the set 
of all finite primes. We say that S has natural density 8 if 

|{peS|Np<jV}| = 
|{p|Np<Af}| 



Theorem 8.31 (Chebotarev density theorem) Let L be a finite Galois extension 
of the number field K, with Galois group G, and let C be a conjugacy class in G. The set 
of prime ideals p of K such that (p,L/ K) = C has density 8 = \C\/\G\. 

PROOF. See my notes CFT (in fact, normally one proves this result with a slightly weaker 
notion of density). □ 



For example, if G is abelian, then for each a e G, the set of p such that (p, L/ K) = a 
has density 1 / 1 G | . 

Corollary 8.32 The primes that split in L have density 1/[L : K\. In particular, there 
exist infinitely many primes of K not splitting in L . 



Remark 8.33 There is a bound for the error in implicit in (8.31) in terms of the dis- 
criminant of the polynomial, but it is large. The existence of the bound has the following 
consequence: given a polynomial f(X) e Q[X] (say), there exists a bound B such that, if 
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a given cycle type doesn't occur as the Frobenius element of some p < B, then it doesn't 
occur at all. For a discussion of the effective version of the Chebotarev density theorem, 
see Lagarias and Odlysko, 1977. 4 

Example 8.34 Let K = Q[£ n ]. Then Gal(X/Q) = (Z/«Z) X and (p,K/Q) = [p]. The 
Chebotarev density theorem says that the primes are equidistributed among the congruence 
classes. In other words, each of the arithmetic progressions 

k, k + n, k + 2n, k + 3n,. . . gcd(k,n) = l, 

contains l/cp(n) of the primes. In particular, each of the arithmetic progressions contains 
infinitely many primes. This statement was conjectured by Legendre and proved by Dirich- 
let (using Dirichlet series). The proof of the Chebotarev density theorem is a generalization 
of that of Dirichlet. 



Example 8.35 In a quadratic extension, half the primes split and half the primes remain 
prime. 



Example 8.36 Let / be a cubic polynomial with coefficients in Q. The Chebotarev den- 
sity theorem implies the following statements (see the above table): 
G = 1: / splits modulo all primes. 

G = Ci : / splits for 1 /2 of the primes and has an irreducible factor of degree 2 for 1 /2 
of the primes. 

G = A-$ : / splits for 1/3 of the primes and / remains irreducible for 2/3 of the primes. 
G = S3 : / splits for 1/6 of the primes, has a factor of degree 2 for 1 /2 of the primes, 
and remains prime for 1/3 of the primes. 



Example 8.37 Let / be a quartic polynomial with no linear factor. 

(a) When disc(/) is a square, the possible Galois groups are: 

order group elements 

2 C 2 1 x 1 + 1 x 2 2 

4 V 4 1 x 1 + 3 x 2 2 

12 A 4 Ixl + 3x2 2 + 8x3 

(b) When disc(/) is not a square, the possible Galois groups are: 

order group elements 

4 C 4 Ixl + lx2 2 + 2x4 

8 D 8 Ixl + 2x2 + 3x2 2 + 2x4 

24 5 4 lxl + 3x2 2 + 6x2 + 8x3 + 6x4 

See FT, Chapter 4. Thus if / is a polynomial of degree 4 with Galois group D%, then it will 
split modulo p for 1 /8 of the primes, factor as the product of a quadratic and two linear 
polynomials for 1/4 of the primes, factor as the product of two quadratics for 3/8 of the 
primes, and remain irreducible for 1/4 of the primes. 

4 Lagarias, J. C; Odlyzko, A. M. Effective versions of the Chebotarev density theorem. Algebraic number 
fields: L-functions and Galois properties (Proc. Sympos., Univ. Durham, Durham, 1975), pp. 409-464. 
Academic Press, London, 1977. 
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For a similar table for polynomials of degree 5, see Pohst and Zassenhaus 1989, pi 32. 
One strategy for determining the Galois group of a polynomial is 

(a) test whether / is irreducible over Q; 

(b) compute the discriminant of / ; 

(c) factor / modulo good primes (i.e., those not dividing the discriminant) until you 
seem to be getting no new cycle types; 

(d) compute the orbit lengths on the r-sets of roots (these are the degrees of the irre- 
ducible factors in Q[X] of the polynomial whose roots are the sums of r roots of 

/); 

(e) ad hoc methods. 

As late as 1984, it had not been proved that the Mathieu group M\\ occurs as a Galois 
group over Q (Mn is subgroup of S\\ of order 111/5040 = 7920). 
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Applications of the Chebotarev density theorem 

We now discuss some other applications of the Chebotarev density theorem. 

For any extension L/K of number fields, write Sp\(L/K) for the set of primes that 
split completely in L, and write Spl'(L/ K) for the set of primes that have at least one split 
factor. Then Spl(L / K) C Spl'(L / K) always, and equality holds if L/ K is Galois, in which 
case the Chebotarev density theorem shows that Spl(L/^) has density 1/[L : K]. 

Theorem 8.38 IfL and M are Galois over K, then 

LcM Spl(L/K)D Spl(M/K). 

Proof. =>•: This is obvious. 
•<= : We have 

Sp\(LM/K) = Spl(L/K) n Spl(M/K). 
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To see this, note that 

p g Spl(LM/K) (p,LM/K) = 1 

(p,LM/K)\L = 1 and (p,LM/K)\M = 1; 

but (p,LM/K)\L = (p,L/K) and (p,LM/K)\M = (p,M/K). Now 

Sp\(M/K) C Spl(L/K) =>• Sp\(LM/K) = Sp\(M/K) 

% l [LM : K] = [M : K] =>• L c M. a 

Corollary 8.39 If L and M are Galois over K, then 

L = M Spl(M/K) = Spl(L/K). 

PROOF. Obvious from the Proposition. □ 

Remark 8.40 (a) In fact, L = M if Spl(M/K) and Spl(L/^) differ by at worst a finite 
set of primes (or if they differ by at worst a set of primes of density zero). 

(b) The effective form of the Chebotarev density theorem shows that (8.38) is effective: 
in order to show that L C M it suffices to check that 

p splits in M p splits in L 

for all primes p less than some bound. 

(c) Corollary 8.39 is not true without the Galois assumptions: there exist nonisomorphic 
extensions L and M of Q such that Spl(L / K) = Spl(M/ K). In fact there exist nonisomor- 
phic extensions L and M of Q of the same degree such that 

o L and M have the same discriminant; 

o a prime p not dividing the common discriminant decomposes in exactly the same 
way in the two fields. 

(d) It is clear from (8.39) that if a separable polynomial / (X) e K[X] splits into linear 
factors mod p for all but finitely many primes p of K, then / (X) splits into linear factors in 

With a little more work, one can show that an irreducible polynomial / (X) e K[X] 
can not have a root mod p for all but a finite number of primes. This last statement is false 
for reducible polynomials — consider for example, 

(X 2 -2)(X 2 -3)(X 2 -6). 

For more on these questions, see Exercise 6, p361, of Algebraic number theory. Proceedings 
of an instructional conference organized by the London Mathematical Society. Edited by 
J. W. S. Cassels and A. Frohlich Academic Press, London; Thompson Book Co., Inc., 
Washington, D.C. 1967. 

(e) It is easy to give examples of polynomials / (X) that are irreducible over Q but 
become reducible over Q p for all p, including p = oo. Since the Galois group of any 
extension of local fields is solvable, one only has to chose / to have nonsolvable Galois 
group, for example, S n for n > 5. 
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8. Global Fields 



Example 8.41 Fix a number field K. According to (8.39), a Galois extension L of K 
is determined by the set Spl(L/^). Thus, in order to classify the Galois extensions of 
K, it suffices to classify the sets of primes in K that can occur as Spl(L/K). For abelian 
extensions of K, class field theory does this — see CFT (they are determined by congruence 
conditions). For nonabelian extensions the sets are still a mystery — it is known that they 
are not determined by congruence conditions — but Langlands's conjectures shed some 
light. 

Exercises 

8-1 Let K = Q[a] where a is a root of X 3 — X 2 — 2X — 8. Show that there are three exten- 
sions of the 2-adic absolute value to K. Deduce that 2| dhc(Z[a]/Z) but not disc(C^/Z). 

8-2 Let L be a finite Galois extension of the local field K, and let G ; , i > 0, be the z'fh 
ramification group. Let TJ generate the maximal ideal in Ol- For a e G ; , write a/7 = 
n + a(a)n l + l , and consider the map G, — »• /, a i-> a(a) mod (77), where / = 0^/(77). 
Show that this is a homomorphism (additive structure on /) if and only if i > 0. 

8-3 * "It is a thought-provoking question that few graduate students would know how to 
approach the question of determining the Galois group of, say, 5 

X 6 + IX s + 3X 4 + 4X 3 + 5X 2 + 6X + 7." 

(a) Can you find it? 

(b) Can you find it without using a computer? 

8-4 Let K = k(X) where k is a finite field. Assume that every absolute value of K comes 
from a prime ideal of k[X] or k[X _1 ], and prove the product formula. 



And after the first year [as an undergraduate at Gottingen] I went home with 
Hilbert's Zahlbericht under my arm, and during the summer vacation I worked 
my way through it — without any previous knowledge of elementary number 
theory or Galois theory. These were the happiest months of my life, whose 
shine, across years burdened with our common share of doubt and failure, still 
comforts my soul. 

Hermann Weyl, Bull. Amer. Math. Soc. 50 (1944), 612-654. 



I don't remember where this quote is from. 



Appendix 



Solutions to the Exercises 

0-1. Use that a = m + n\/~d is an algebraic integer if and only if Tr(a) = —2m e Z and 
Nm(a) = m 2 - n 2 d e Z. 

0- 2. Similar to Exercise 2-1 below. 

1- 1. (a) Let S = A \ {J t p ; - with the p ; - prime ideals. 

x,y € S Vi, x,y £ pi V/, xy £ p 7 - •<=> xy e 5*. 

=>■: Let a S. Then (a) fl S = because 5 is saturated. Let / be maximal among the 
ideals of A containing a and disjoint from S — exists by Zorn's Lemma. I'll show that / 
is prime. Suppose xy e I . 

If x I, then / + (x) properly contains /, and so (/ + (x)) fl S is nonempty — let 
c + ax € S with eel and a € A. 

Similarly, if y £ I, there exists c' + a'y € S. 

But (c + ax)(c' + a'y) e I , which is not possible because S is multiplicative. Therefore 
x or y e I , and so / is prime. 

(b) Given S, let S' = {x 6 A \ 3y e A such that xy € S} — verify that it is multiplicative 
and saturated, and is the smallest such set containing S ; moreover, it is a union of the prime 
ideals not meeting S, and S~ l M s S' M for all ^4-modules. For the final statement, use 
that p remains prime in S~ l A if and only if S D p = 0. 

[Cf. Bourbaki, Alg. Comm., 1961, II, Ex. §2, no. 1, and Atiyah and MacDonald, 
Chapt. 3, no. 7.] 

2- 1. By inspection, 4 = 2 • 2 = (3 + V5)(3 - V5). We have to show that 2, 3 + V5, and 

3- V5 are irreducible, and 2 is not an associate of the other two. 

If 2 = aft then 4 = Nm(2) = Nm(a) -Nm(^), from which it follows that Nm(cf) = ±1, 
±2, or ±4. If Nm(a) = ± 1, a is unit (with inverse ± its conjugate); by looking mod 5, one 
sees that Nm(a) = ±2 is impossible; if Nm(a) = ±4, then ^ is a unit. Hence 2 can't be 
factored into a product of nonunits. The same argument applies to the other two elements. 

If 2 and 3 + V5 were associates, then there would be a unit m + n \/~5 in Z[<«/5] such 
that 3 + V5 = 2(m + nV5), but this is impossible. 

2-2. Suppose f(X) = Y[gi {X) with gj (X) irreducible in K[X]. Let a be a root of g,- (X) 
in some extension field. Then gi (X) is the minimum polynomial of a over K. Because a 
is a root of / (X), it is integral over A, and so gi (X) has coefficients in A (by 2.9). 
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A. Solutions to the Exercises 



2-3. Consider first the case that L = K[a], a p = a e K. 

2-4. Clearly 2 does not divide 1 + V^3 in Z[v^3], and so (2), but 

a 2 = (4,2 + 2V^3,-2 + 2V = 3) = (4,2 + 27^3) = (2)(2,1 + V^3) = (2)a. 

If there were unique factorization into products of prime ideals, then 

ab = oc, a ^ =>• b = c. 

We have shown that the ring Z[*s/^3] doesn't have this property. 
2-5. Let a e A[/3] H ^4[/3 -1 ]. By hypothesis, we can write 

a = a + aifi H Va m $ m 

a = b + b 1 p- 1 + --- + b n p- n - 

Let M be the ^4-submodule of B generated by {fi~ n , . . . , 1 , . . . , fi m }. From the first equation, 
we find that a/3~' e M, <i < n, and from the second equation we find that af3 J e M, 
< j < m. We can apply (2.4) to deduce that a is integral over A. 

2- 6. (a) Check easily that the products CKjCK/, i ^ j , are divisible by 3, and this implies that 

= 2^ a f m °d 3. The rest is easy. 

(b) Using Gauss's Lemma, one finds that X t-> a.:7L\X\ Z[ot] defines an isomorphism 
Z[X]/(f(X)) ~ Z[a]. Hence 

3|g(a) ^ 3AeZ[jr]s.L/|g-3A ^ 3|g. 

(c) OK. 

(d) Since F3 has only 3 elements, there are only 3 monic polynomials of degree 1. 

3- 1. It is not a Dedekind domain because it has a chain of prime ideals 



3-2. From Galois theory (or playing around, or from PARI) find that ( y3 + y7) /2 is a root 
of the polynomial X 4 - 5X 2 + 1. 

3- 4. LetA = k[X 2 ,X 3 ]ck[X]. As k[X] = k[X 2 ] ■ 1 + k[X 2 ] X, it is aNoetherian k[X 2 ]- 
module. Therefore, an ideal in A is finitely generated when regarded as a A:[X 2 ]-module, 
and a fortiori as an ^4-module. Thus A Noetherian. If p is nonzero prime ideal of A, then 
p contains a nonzero polynomial, and so A/p is a finite-dimensional vector space over k. 
Since it is an integral domain, it must be a field (see 3.30), and so p is maximal. The element 
X of k(X) is integral over A because it is a root of the polynomial T 2 — X 2 e A[T], but 
X £ A. Therefore A is not integrally closed. 

4- 1. For example, take B = k[X, Y] D k[X] = A and p = (7), or B = k[X) D k = A and 
p = (X). 

4-2. Write pB = T\^if m/p) and = U^j^ . Then 

i ij 
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and Qij ^ O-i'j' unless = For the second part of the problem, seethe start of 

Chapter 4 of the notes. 

4-3. The possibilities are determined by e\ ft = 3. Since the discriminant is — 3 1 , only 3 1 
ramifies, and X 3 + X + 1 = (X + 28) (X + 17) 2 mod 31. All possibilities except (p) = p 3 
occur. 

4-4. Compute the Minkowski bound to find a small set of generators for the class group. In 
order to show that two ideals o and b are equivalent, it is often easiest to verify that a - b m_1 
is principal, where m is the order of b in the class group. 

4-5. Let ai , . . . , a/, be a set of representatives of the ideal classes. It suffices to find a field 
L such that each a, becomes principal in L. Because the ideal class group is finite, each 
of the a,- is of finite order, say a.- ' = (ai), a,- e K. Let L be a finite extension of K such 
that each a,- becomes an m,-th power in L, say a, = a ; m ' , a,- £ L. In the group of fractional 
ideals of L, we have 

<F-l = to) = w) = tor*. 

Since the group of fractional ideals is torsion-free, this equation implies that o, • Ol = (ofj)- 
[In fact, every ideal of K becomes principal in the Hilbert class field of K (see 4.9), but this 
is very difficult to prove — it is the Principal Ideal Theorem (see CFT).] 

4-6. The discriminant of X 3 — X + 2 is (— 26)2 2 , and Stickleberger's lemma shows —26 is 
not a possible discriminant, and so Ok — Z[a]. To show that the class number is 1, it is 
only necessary to show that the ideals dividing (2) are principal. 

4- 7. To show that Ok = Z[z][y], Y = 1+ 2^ > observe that D(l,y) = 5, and 5 is not a square 
in Z[z']; now apply Lemma 2.23. The prime 2 ramifies in Q[i], but not in Q[V5], and so it 
ramifies in K with ramification index 2 (this follows from the multiplicativity of the e's). 
Similarly, 5 ramifies in K with ramification index 2. Since disc(Oj^/Z[i]) = (5), only the 
divisors of (5) (in Z[z"]) can ramify in k, and hence only 2 and 5 can ramify in K. The proof 
that Q[V^5] has class number 2 is sketched in (4.6). [Of course, this problem becomes 
much easier once one has (6.5).] 

5- 1. No! Some infinite sets: 

{m\fl — [mV2] | m,n € Z}, [*] =integer part; 
{(V2- 1)" | n e N}; 
Wn 2 + l-n | n e N}; 

{a | a is the smaller root of X 2 + mX + 1 = 0, raeZ) 
5-2. The period is 10, and the fundamental unit is 

48842 + 5967 V67. 

5- 3. No! One way to obtain a counterexample is to note that, if a prime p factors as p = it\ ■ 
7T2 (tTj nonassociate primes) in a quadratic extension of Q, then Nmii =±p = Nmi2, and 
so tt\/tz2 has norm ±1. For example 5 = (2 + i)(2 — i) in Q[i], and so (2 + i)/(2 — i) has 
norm 1 , but it is not an algebraic integer. Alternatively, note that any root of an irreducible 

polynomial X" +a\X n ~ 1 H h 1, 6 Q, not all a,- e Z, will have norm ±1, but will not 

be an algebraic integer. 

6- 1. Let a be a root of X 3 - 3X + 1. Then disc(Z[a]/Z) = 81. Since its sign is (-1)*, 
we must have s = 0, r = 3 — three real embeddings. From their minimum polynomials, 
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A. Solutions to the Exercises 



one sees that a and a + 2 are algebraic integers with norms 1 and — 1 respectively. From 
(a + l) 3 = 3a (a + 2) we find (a + l) 3 = (3) in Ok- From the formula a ft = 3, we find 
that there can be no further factorization, and e = 3, / = 1. The second equality implies 
that O k /(a + 1) = Z/(3), and so 0^ = Z + (a + 1)^. The proof that 0^ = Z[a] proceeds 
as in the proof of 6.2. The Minkowski bound is 2, and 2- Ok is prime, because X 3 — 3X + 1 
is irreducible modulo 2. 

6- 2. First solution: Let a be an algebraic integer in Q[£ + We can write it 

a = £a/(? + r 1 )'. < i < <p(m)/2, a, e <Q>. 

Suppose a„ is the last coefficient not in Z. Then a' = X)f=o (£ + £ _1 )' * s a l so an algebraic 
integer. On expanding this out, and multiplying through by f " , we find that 

= a n ^ 2n + terms of lower degree in £, a n £"L. 

This contradicts the fact that £"c/ is in Z[£]. 

Second solution: Clearly, ^ Q[t+t-i] = ^Q[t + t _1 ]- It follows that the algebraic 
integers in Q[£ + are those elements that can be expressed J2 a i (£' + a * e Z. 
Now prove inductively that £' + e Z[£ + 

7- 2. (a) Easy, (b) Show s„ = Yl7=o a i ^ s Cauchy if and only if a, —> 0. 

7-3. If a = 0, there is a solution, and so we now take a ^ 0. To have a solution in Z7, 
clearly it is necessary that a = 7 2m + l ■ b, m > 0, with b an integer that is not divisible by 
7 but is a square modulo 7 (hence b = 1,2,4 mod 7). Newton's lemma shows that this 
condition is also sufficient. 

For aeQ, IX 2 = a has a solution in Q7 if and only if a = 7 2m+1 -b, m e Z, b € Z, 
b - 1,2,4 mod 7. 

7-4. (a) Because the product of two nonsquares in Z/(/?) is a square, and least one of 
X 2 — 2, X 2 — 17, X 2 — 34 has a root modulo p, and if p ^ 2, 17, the root is simple and 
hence lifts to a root in Z p (by Newton's lemma). The polynomial X 2 — 2 has 6 as a simple 
root modulo 17, and so it has a root in Z17. Let g(X) = X 2 — 17 and ao = 1. Then 
|<?(«o)|2 = 1/16 and |g'(ao) 2 |2 = 1/4 and so Newton's lemma (7.32) again shows that it 
has a root in Z2. 

(b) Apply the method of proof of (7.31) to find 

a = l + 5.7 + 7 3 + 2-7 4 + 5-7 5 + ---. 

7-5. If A: is a field of characteristic ^ 2, a quadratic extension of k is of the form ^[y'aj for 
some a e k, a k 2 , and two nonsquare elements a and b of k define the same quadratic 
extension if and only if they differ by a square (FT, 5.28). Thus the quadratic extensions of 
k are in one-to-one correspondence with the cosets of k x2 in k x other than k x2 itself. 

We have to find a set of representatives for 2 i n Q2 • Clearly an element u ■ 2 n of > 
u G Z2 , is a square if and only if n is even and u is a square in Z2, and Newton's lemma 
shows that u is a square in Z2 if (and only if) it is a square in Z2/ (8) = Z/ (8). The elements 
±1,±5 form a set of representatives for (Z/ (8)) x , and of these only 1 is a square. Hence 
{±1, ±5 ± 2, ±10} is a set of representatives for Q^/^-i 2 ' an( l so tne distinct quadratic 
extensions of Q2 are the fields Q[>/a] for a = —1, ±2, ±5, ±10. 
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There is a description of the structure of Q* in Serre, Course..., EE.3. Let U =1** and 
let Ui be the subgroup 1 + p l 7L P of U ; we know from (7.27) that Q p contains the group 
/ip-i of (p — l) st roots of 1, and one shows that 

<Q£ «Zxn H x£/i, C/i«Zp, />^2; 

Q2 wZxUi, C/i = {±l}x[/ 2 , C/ 2 R»Z 2 . 
There is a general formula, 

(ir x.^xm ) = ^L ( 1} 

for any finite extension K of Q p ; here /x m is the group of m roots of 1 in K. See CFT VII. 

7-6. If 2 occurs among the ex,-, number it a\. Then at £ Q[oti,oi2, ...,oti-\\ because pi does 
not ramify in Q [a 1,0(2, ...,«/- 1]. Therefore the degree is 2 m (alternatively, use Kummer 
theory). The element y is moved by every element of Gdl(K/Q), and so it generates K. 
The group Gal(^T/Q) is abelian of exponent 2 (i.e., every element has square 1). The same 
is true of the decomposition groups of the primes lying over p. Write K <8>q Q p = Y\ Ki> 
so that Kt % K[X]/(fi(X)) where fi(X) is the i th irreducible factor of f{X) in Q P [X] 
(cf. 8.2). Kummer theory and the description of Q* given above show that [K, : Q p ] < 4 
if p ^2 and [^,- : Q2] < 8 (because their Galois groups are abelian of exponent 2). This 
implies that / (X) factors as stated. 

7-7. The degree of Qp[£»], p does not divide n, is /, where / is the smallest integer 
such that n\pf — 1. As n — > 00, / — >■ 00, and so a finite extension ^ of Q p can contain 
only finitely many £„'s. Suppose J2^ n p" converges to /5 e Q^ 1 . Then K = Qp\fi] is a 
finite extension of Q p . Let = X)«=i KnP* '• Then cx ? is further from its conjugates than 
it is from /3, and so Krasner's lemma (7.60) implies that Q ? [cx?] C Q^|j8]. It follows (by 
induction) that Q p [/3] contains all the £„, and this is impossible. 

7- 8. (a) The polynomial 

x 3 + x 2 + x + 1 

has the factor X — 1 , but 

X 3 + X 2 + X-l 

is irreducible because it is irreducible modulo 5. 
(b) Consider 

/ = X 6 + 3 x 5X 5 + 3 x 5X 4 + 3 x 5 4 X 3 + 3 x 5 4 X 2 + 3 x 5 9 X + 3 x 5 9 . 

It is Eisenstein for 3, and hence is irreducible over Q. Its Newton polygon for 5 has slopes 
1/2, 3/2, and 5/2, each of length 2. Correspondingly, in Qs[X] it is a product of three 
polynomials / = fxfzfs- Each of the /, is irreducible because the field generated by a 
root of it is ramified (because the slope isn't an integer). 

8- 1. The Newton polygon of f(X) = X 3 - X 2 - 2X - 8 has three distinct slopes 1,2,3, 
and so it splits over Q2. Now (8.1) shows that | I2 has three distinct extensions to K. Using 
that Yl e ifi = 3> we see that 2 doesn't ramify in K, and so 2 does not divide discO^/Z. 
On the other hand 2| disc(/ (X)) because / (X) has multiple roots modulo 2 (according to 
PARI, its discriminant is —2012). 
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A. Solutions to the Exercises 



8-2. Straightforward. 

8-3. (a) In PARI, type polgalois(X~6+2*X~5+3*X~4+4*X~3+5*X~2+6*X+7). 
(b) There are the following factorizations: 



Thus the Galois group of / has elements of type: 

6, 3 + 3, 1 + 5, 1 + 1 + 4, 1 + 1 + 2 + 2, 2 + 2 + 2. 

No element of type 2, 3, 3 + 2, or 4 + 2 turns up by factoring modulo any of the first 400 
primes (so I'm told). Thus it is the group 7T4 in the tables in Butler and McKay (see pl41) 
of the notes. It has order 120, and is isomorphic to PGI^Fs) (group of invertible 2x2 
matrices over F5 modulo the scalar matrices al?., a e F5). 

8-4. Prime ideals of k[X] and define the same valuation of k(X) if and only if 

they generate the same prime ideal of k[X, X -1 ]. Thus there is one valuation ord p for each 
monic irreducible polynomial p(X) of k[X], and one for the polynomial X~ l in 
The normalized absolute value corresponding to p(X) is 



where q = #k and ord /7 (g) is the power of p(X) dividing g(X), and the normalized absolute 
value corresponding to X~ l is 



mod 3, irreducible; 
mod 5, (deg 3) x (deg 3), 
mod 13, (deg 1) x (deg 5); 
mod 19, (deg l) 2 x (deg 4); 
mod 61, (deg l) 2 x(deg 2) 2 ; 
mod 79, (deg2) 3 . 





Thus the product formula is equivalent to the formula, 




P(X) 



which is obvious. 



Appendix 



Two-hour examination 



Prove (or, at least, explain) your answers. 

1. (a) Is (1 + 0/v2 an algebraic integer? 

(b) Is Z[y29] a principal ideal domain? 

2. Let K = Q[a] where a is a root of X n — 2,n>2. 

(a) Find [K : <Q>]. 

(b) In how many ways can the usual archimedean absolute value on Q be extended to 

K? 

(c) Same question for the 2-adic absolute value. 

(d) Find the rank of the group of units in Ok and the order of its torsion subgroup. 

3. Let £ be a primitive 8 th root of 1. Show that Q[£] contains exactly 3 subfields of degree 
2 over <Q>, and they are Q[V-1], Q[V2], QiV^l]. 

4. Let a and n be nonzero elements of the ring of integers Ok of a number field K with 
7i irreducible (i.e., n = ab =>■ a or & a unit). If tt|o! 3 , can you conclude that n\al What 
condition on the class group would allow you to conclude this? 

5. Let K — <Q>3[£], where £ is a primitive 3rd root of 1. Find the Galois group of K over Q3 
and its ramification groups. 

6. Let K be a finite Galois extension of Q with Galois group G. For each prime ideal ^ of 
Ok, let be the inertia group. Show that the groups generate G. 
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